{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","type":"deb","namespace":"debian","name":"trafficserver","version":"9.2.5+ds-0+deb12u4","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205886?format=json","vulnerability_id":"VCID-1237-y5m3-eqdc","summary":"sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11783","reference_id":"","reference_type":"","scores":[{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78686","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11783"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106043?format=json","purl":"pkg:deb/debian/trafficserver@8.0.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-11783"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1237-y5m3-eqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/195154?format=json","vulnerability_id":"VCID-1b18-pv5z-k3gh","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17509","reference_id":"","reference_type":"","scores":[{"value":"0.03046","scoring_system":"epss","scoring_elements":"0.8698","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106047?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2020-17509"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1b18-pv5z-k3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168014?format=json","vulnerability_id":"VCID-1faa-46v2-k7hn","summary":"Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server.  This issue affects Apache Traffic Server 8.0.0 to 9.1.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37392","reference_id":"","reference_type":"","scores":[{"value":"0.03006","scoring_system":"epss","scoring_elements":"0.86877","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392"},{"reference_url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_id":"mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:03Z/"}],"url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106058?format=json","purl":"pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106057?format=json","purl":"pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-37392"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1faa-46v2-k7hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15923?format=json","vulnerability_id":"VCID-1weg-s38v-nkh9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json"},{"reference_url":"https://akka.io/security/akka-http-cve-2023-44487.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://akka.io/security/akka-http-cve-2023-44487.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"0.9439","scoring_system":"epss","scoring_elements":"0.99973","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.vespa.ai/cve-2023-44487"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html"},{"reference_url":"https://chaos.social/@icing/111210915918780532","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chaos.social/@icing/111210915918780532"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/akka/akka-http/pull/4324","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4324"},{"reference_url":"https://github.com/akka/akka-http/pull/4325","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4325"},{"reference_url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a"},{"reference_url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49"},{"reference_url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628"},{"reference_url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e"},{"reference_url":"https://github.com/apple/swift-nio-http2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2"},{"reference_url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/grpc/grpc-go/releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/grpc/grpc-go/releases"},{"reference_url":"https://github.com/hyperium/hyper/issues/3337","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/hyperium/hyper/issues/3337"},{"reference_url":"https://go.dev/cl/534215","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534215"},{"reference_url":"https://go.dev/cl/534235","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534235"},{"reference_url":"https://go.dev/issue/63417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/63417"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://istio.io/latest/news/security/istio-security-2023-004"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007"},{"reference_url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12"},{"reference_url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94"},{"reference_url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"},{"reference_url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday"},{"reference_url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/08/13/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/08/13/6"},{"reference_url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html","reference_id":"0025.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"},{"reference_url":"https://github.com/apache/httpd-site/pull/10","reference_id":"10","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd-site/pull/10"},{"reference_url":"https://github.com/apache/apisix/issues/10320","reference_id":"10320","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/apisix/issues/10320"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769","reference_id":"1053769","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770","reference_id":"1053770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801","reference_id":"1053801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232","reference_id":"1054232","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234","reference_id":"1054234","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156","reference_id":"1056156","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156"},{"reference_url":"https://github.com/apache/trafficserver/pull/10564","reference_id":"10564","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/trafficserver/pull/10564"},{"reference_url":"https://github.com/eclipse/jetty.project/issues/10679","reference_id":"10679","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/eclipse/jetty.project/issues/10679"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421","reference_id":"1074421","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421"},{"reference_url":"https://github.com/Kong/kong/discussions/11741","reference_id":"11741","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Kong/kong/discussions/11741"},{"reference_url":"https://github.com/kubernetes/kubernetes/pull/121120","reference_id":"121120","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kubernetes/kubernetes/pull/121120"},{"reference_url":"https://github.com/ninenines/cowboy/issues/1615","reference_id":"1615","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/ninenines/cowboy/issues/1615"},{"reference_url":"https://github.com/etcd-io/etcd/issues/16740","reference_id":"16740","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/etcd-io/etcd/issues/16740"},{"reference_url":"https://github.com/alibaba/tengine/issues/1872","reference_id":"1872","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/alibaba/tengine/issues/1872"},{"reference_url":"https://github.com/nghttp2/nghttp2/pull/1961","reference_id":"1961","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/pull/1961"},{"reference_url":"https://github.com/tempesta-tech/tempesta/issues/1986","reference_id":"1986","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/tempesta-tech/tempesta/issues/1986"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"},{"reference_url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125","reference_id":"20125","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"},{"reference_url":"https://security.gentoo.org/glsa/202311-09","reference_id":"202311-09","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.gentoo.org/glsa/202311-09"},{"reference_url":"https://github.com/haproxy/haproxy/issues/2312","reference_id":"2312","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/haproxy/haproxy/issues/2312"},{"reference_url":"https://github.com/dotnet/announcements/issues/277","reference_id":"277","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/announcements/issues/277"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","reference_id":"2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"},{"reference_url":"https://github.com/envoyproxy/envoy/pull/30055","reference_id":"30055","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/envoyproxy/envoy/pull/30055"},{"reference_url":"https://github.com/h2o/h2o/pull/3291","reference_id":"3291","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/pull/3291"},{"reference_url":"https://github.com/oqtane/oqtane.framework/discussions/3367","reference_id":"3367","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/oqtane/oqtane.framework/discussions/3367"},{"reference_url":"https://github.com/opensearch-project/data-prepper/issues/3474","reference_id":"3474","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/opensearch-project/data-prepper/issues/3474"},{"reference_url":"https://github.com/Azure/AKS/issues/3947","reference_id":"3947","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Azure/AKS/issues/3947"},{"reference_url":"https://github.com/varnishcache/varnish-cache/issues/3996","reference_id":"3996","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/varnishcache/varnish-cache/issues/3996"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/4","reference_id":"4","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/4","reference_id":"4","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/4"},{"reference_url":"https://netty.io/news/2023/10/10/4-1-100-Final.html","reference_id":"4-1-100-Final.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://netty.io/news/2023/10/10/4-1-100-Final.html"},{"reference_url":"https://github.com/akka/akka-http/issues/4323","reference_id":"4323","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/akka/akka-http/issues/4323"},{"reference_url":"https://github.com/facebook/proxygen/pull/466","reference_id":"466","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/facebook/proxygen/pull/466"},{"reference_url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632","reference_id":"4b9c6836471bc8270ab48aae6fd2181bc73fd632","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"},{"reference_url":"https://github.com/nodejs/node/pull/50121","reference_id":"50121","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nodejs/node/pull/50121"},{"reference_url":"https://github.com/line/armeria/pull/5232","reference_id":"5232","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/line/armeria/pull/5232"},{"reference_url":"https://github.com/projectcontour/contour/pull/5826","reference_id":"5826","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/projectcontour/contour/pull/5826"},{"reference_url":"https://github.com/caddyserver/caddy/issues/5877","reference_id":"5877","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/issues/5877"},{"reference_url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61","reference_id":"58f75f665aa81a8cbcf6ffa74820042a285c5e61","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"},{"reference_url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715","reference_id":"59715","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"},{"reference_url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_id":"5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/19/6","reference_id":"6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/19/6"},{"reference_url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73","reference_id":"6.0.23.md?plain=1#L73","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"},{"reference_url":"https://github.com/golang/go/issues/63417","reference_id":"63417","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/golang/go/issues/63417"},{"reference_url":"https://github.com/microsoft/CBL-Mariner/pull/6381","reference_id":"6381","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/microsoft/CBL-Mariner/pull/6381"},{"reference_url":"https://github.com/grpc/grpc-go/pull/6703","reference_id":"6703","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc-go/pull/6703"},{"reference_url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764","reference_id":"67764","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/7","reference_id":"7","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/7"},{"reference_url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088","reference_id":"7c2bfb8e9cdbe4b35a5e131c66a0c088","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/8","reference_id":"8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/20/8","reference_id":"8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/20/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/9","reference_id":"9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/9"},{"reference_url":"https://github.com/kazu-yamamoto/http2/issues/93","reference_id":"93","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/issues/93"},{"reference_url":"https://github.com/openresty/openresty/issues/930","reference_id":"930","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/openresty/openresty/issues/930"},{"reference_url":"https://github.com/junkurihara/rust-rpxy/issues/97","reference_id":"97","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/junkurihara/rust-rpxy/issues/97"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/","reference_id":"AWS-2023-011","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","reference_id":"BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ","reference_id":"cisco-sa-http2-reset-d8Kf32vZ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","reference_id":"CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-44487","reference_id":"cve-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-44487"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487/","reference_id":"cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.vespa.ai/cve-2023-44487/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487"},{"reference_url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"},{"reference_url":"https://github.com/bcdannyboy/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/bcdannyboy/CVE-2023-44487"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"},{"reference_url":"https://security.paloaltonetworks.com/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.paloaltonetworks.com/CVE-2023-44487"},{"reference_url":"https://ubuntu.com/security/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://ubuntu.com/security/CVE-2023-44487"},{"reference_url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack","reference_id":"cve-2023-44487-http-2-rapid-reset-attack","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"},{"reference_url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html","reference_id":"draft-thomson-httpbis-h2-stream-limits.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5521","reference_id":"dsa-5521","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5521"},{"reference_url":"https://www.debian.org/security/2023/dsa-5522","reference_id":"dsa-5522","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5522"},{"reference_url":"https://www.debian.org/security/2023/dsa-5540","reference_id":"dsa-5540","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5540"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"dsa-5549","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://www.debian.org/security/2023/dsa-5558","reference_id":"dsa-5558","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5558"},{"reference_url":"https://www.debian.org/security/2023/dsa-5570","reference_id":"dsa-5570","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5570"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","reference_id":"f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf","reference_id":"GHSA-2m7v-gc89-fjqf","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"},{"reference_url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"GHSA-qppj-fm5r-hxr3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/advisories/GHSA-vx74-f528-fxqg","reference_id":"GHSA-vx74-f528-fxqg","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-vx74-f528-fxqg"},{"reference_url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p","reference_id":"GHSA-xpw8-rcwv-8f8p","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"},{"reference_url":"https://security.gentoo.org/glsa/202408-10","reference_id":"GLSA-202408-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-10"},{"reference_url":"https://security.gentoo.org/glsa/202412-14","reference_id":"GLSA-202412-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-14"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/","reference_id":"google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"},{"reference_url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113","reference_id":"h2_mplx.c#L1101-L1113","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"},{"reference_url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","reference_id":"haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/","reference_id":"how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack","reference_id":"how-it-works-the-novel-http2-rapid-reset-ddos-attack","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2","reference_id":"http2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"},{"reference_url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack","reference_id":"HTTP2-Rapid-Reset-Attack","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/","reference_id":"http-2-rapid-reset-attack-impacting-f5-nginx-products","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"},{"reference_url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487","reference_id":"http2-rapid-reset-vulnerability-cve-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/","reference_id":"http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/","reference_id":"http2_rapid_reset_zeroday","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"},{"reference_url":"https://github.com/micrictor/http2-rst-stream","reference_id":"http2-rst-stream","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/micrictor/http2-rst-stream"},{"reference_url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected","reference_id":"hyper-http2-rapid-reset-unaffected","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"},{"reference_url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","reference_id":"?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo","reference_id":"iNNxDTCjZvo","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"},{"reference_url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","reference_id":"internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004/","reference_id":"istio-security-2023-004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://istio.io/latest/news/security/istio-security-2023-004/"},{"reference_url":"https://news.ycombinator.com/item?id=37830987","reference_id":"item?id=37830987","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830987"},{"reference_url":"https://news.ycombinator.com/item?id=37830998","reference_id":"item?id=37830998","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830998"},{"reference_url":"https://news.ycombinator.com/item?id=37831062","reference_id":"item?id=37831062","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37831062"},{"reference_url":"https://news.ycombinator.com/item?id=37837043","reference_id":"item?id=37837043","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37837043"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","reference_id":"JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"},{"reference_url":"https://my.f5.com/manage/s/article/K000137106","reference_id":"K000137106","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://my.f5.com/manage/s/article/K000137106"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","reference_id":"KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/","reference_id":"linkerd-cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","reference_id":"LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html","reference_id":"msg00045.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html","reference_id":"msg00047.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/","reference_id":"netlify-successfully-mitigates-cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/","reference_id":"new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001/","reference_id":"ntap-20231016-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007/","reference_id":"ntap-20240426-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007/","reference_id":"ntap-20240621-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007/"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/","reference_id":"rapid-reset-http-2-vulnerablilty","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"},{"reference_url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244","reference_id":"README.md?plain=1#L239-L244","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"},{"reference_url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve","reference_id":"resets-leaks-ddos-and-the-tale-of-a-hidden-cve","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5009","reference_id":"RHSA-2023:5009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5530","reference_id":"RHSA-2023:5530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5541","reference_id":"RHSA-2023:5541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5542","reference_id":"RHSA-2023:5542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5679","reference_id":"RHSA-2023:5679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5705","reference_id":"RHSA-2023:5705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5706","reference_id":"RHSA-2023:5706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5707","reference_id":"RHSA-2023:5707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5708","reference_id":"RHSA-2023:5708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5709","reference_id":"RHSA-2023:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5710","reference_id":"RHSA-2023:5710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5711","reference_id":"RHSA-2023:5711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5712","reference_id":"RHSA-2023:5712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5713","reference_id":"RHSA-2023:5713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5714","reference_id":"RHSA-2023:5714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5715","reference_id":"RHSA-2023:5715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5716","reference_id":"RHSA-2023:5716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5717","reference_id":"RHSA-2023:5717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5719","reference_id":"RHSA-2023:5719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5720","reference_id":"RHSA-2023:5720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5721","reference_id":"RHSA-2023:5721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5724","reference_id":"RHSA-2023:5724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5738","reference_id":"RHSA-2023:5738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5749","reference_id":"RHSA-2023:5749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5764","reference_id":"RHSA-2023:5764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5765","reference_id":"RHSA-2023:5765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5766","reference_id":"RHSA-2023:5766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5767","reference_id":"RHSA-2023:5767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5768","reference_id":"RHSA-2023:5768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5769","reference_id":"RHSA-2023:5769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5770","reference_id":"RHSA-2023:5770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5780","reference_id":"RHSA-2023:5780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5783","reference_id":"RHSA-2023:5783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5784","reference_id":"RHSA-2023:5784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5801","reference_id":"RHSA-2023:5801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5802","reference_id":"RHSA-2023:5802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5803","reference_id":"RHSA-2023:5803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5805","reference_id":"RHSA-2023:5805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5835","reference_id":"RHSA-2023:5835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5837","reference_id":"RHSA-2023:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5838","reference_id":"RHSA-2023:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5840","reference_id":"RHSA-2023:5840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5841","reference_id":"RHSA-2023:5841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5850","reference_id":"RHSA-2023:5850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5851","reference_id":"RHSA-2023:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5863","reference_id":"RHSA-2023:5863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5864","reference_id":"RHSA-2023:5864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5865","reference_id":"RHSA-2023:5865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5866","reference_id":"RHSA-2023:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5867","reference_id":"RHSA-2023:5867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5896","reference_id":"RHSA-2023:5896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5902","reference_id":"RHSA-2023:5902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5920","reference_id":"RHSA-2023:5920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5922","reference_id":"RHSA-2023:5922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5924","reference_id":"RHSA-2023:5924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5928","reference_id":"RHSA-2023:5928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5929","reference_id":"RHSA-2023:5929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5930","reference_id":"RHSA-2023:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5931","reference_id":"RHSA-2023:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5933","reference_id":"RHSA-2023:5933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5935","reference_id":"RHSA-2023:5935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5945","reference_id":"RHSA-2023:5945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5946","reference_id":"RHSA-2023:5946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5956","reference_id":"RHSA-2023:5956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5965","reference_id":"RHSA-2023:5965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5967","reference_id":"RHSA-2023:5967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5969","reference_id":"RHSA-2023:5969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5970","reference_id":"RHSA-2023:5970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5971","reference_id":"RHSA-2023:5971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5973","reference_id":"RHSA-2023:5973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5974","reference_id":"RHSA-2023:5974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5976","reference_id":"RHSA-2023:5976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5978","reference_id":"RHSA-2023:5978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5979","reference_id":"RHSA-2023:5979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5980","reference_id":"RHSA-2023:5980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5982","reference_id":"RHSA-2023:5982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5989","reference_id":"RHSA-2023:5989","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5989"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6020","reference_id":"RHSA-2023:6020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6021","reference_id":"RHSA-2023:6021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6022","reference_id":"RHSA-2023:6022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6023","reference_id":"RHSA-2023:6023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6030","reference_id":"RHSA-2023:6030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6031","reference_id":"RHSA-2023:6031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6039","reference_id":"RHSA-2023:6039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6040","reference_id":"RHSA-2023:6040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6041","reference_id":"RHSA-2023:6041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6042","reference_id":"RHSA-2023:6042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6048","reference_id":"RHSA-2023:6048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6057","reference_id":"RHSA-2023:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6059","reference_id":"RHSA-2023:6059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6061","reference_id":"RHSA-2023:6061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6077","reference_id":"RHSA-2023:6077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6079","reference_id":"RHSA-2023:6079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6080","reference_id":"RHSA-2023:6080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6084","reference_id":"RHSA-2023:6084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6105","reference_id":"RHSA-2023:6105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6106","reference_id":"RHSA-2023:6106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6114","reference_id":"RHSA-2023:6114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6115","reference_id":"RHSA-2023:6115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6117","reference_id":"RHSA-2023:6117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6118","reference_id":"RHSA-2023:6118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6120","reference_id":"RHSA-2023:6120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6129","reference_id":"RHSA-2023:6129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6137","reference_id":"RHSA-2023:6137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6144","reference_id":"RHSA-2023:6144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6154","reference_id":"RHSA-2023:6154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6161","reference_id":"RHSA-2023:6161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6165","reference_id":"RHSA-2023:6165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6179","reference_id":"RHSA-2023:6179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6217","reference_id":"RHSA-2023:6217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6233","reference_id":"RHSA-2023:6233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6235","reference_id":"RHSA-2023:6235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6239","reference_id":"RHSA-2023:6239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6248","reference_id":"RHSA-2023:6248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6251","reference_id":"RHSA-2023:6251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6269","reference_id":"RHSA-2023:6269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6272","reference_id":"RHSA-2023:6272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6280","reference_id":"RHSA-2023:6280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6286","reference_id":"RHSA-2023:6286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6296","reference_id":"RHSA-2023:6296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6298","reference_id":"RHSA-2023:6298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6305","reference_id":"RHSA-2023:6305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6746","reference_id":"RHSA-2023:6746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6779","reference_id":"RHSA-2023:6779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6781","reference_id":"RHSA-2023:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6782","reference_id":"RHSA-2023:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6783","reference_id":"RHSA-2023:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6784","reference_id":"RHSA-2023:6784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6785","reference_id":"RHSA-2023:6785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6786","reference_id":"RHSA-2023:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6787","reference_id":"RHSA-2023:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6788","reference_id":"RHSA-2023:6788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6817","reference_id":"RHSA-2023:6817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6836","reference_id":"RHSA-2023:6836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6837","reference_id":"RHSA-2023:6837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6839","reference_id":"RHSA-2023:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6840","reference_id":"RHSA-2023:6840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7215","reference_id":"RHSA-2023:7215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7218","reference_id":"RHSA-2023:7218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7247","reference_id":"RHSA-2023:7247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7288","reference_id":"RHSA-2023:7288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7315","reference_id":"RHSA-2023:7315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7325","reference_id":"RHSA-2023:7325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7334","reference_id":"RHSA-2023:7334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7335","reference_id":"RHSA-2023:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7344","reference_id":"RHSA-2023:7344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7345","reference_id":"RHSA-2023:7345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7481","reference_id":"RHSA-2023:7481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7482","reference_id":"RHSA-2023:7482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7483","reference_id":"RHSA-2023:7483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7484","reference_id":"RHSA-2023:7484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7486","reference_id":"RHSA-2023:7486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7488","reference_id":"RHSA-2023:7488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7521","reference_id":"RHSA-2023:7521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7522","reference_id":"RHSA-2023:7522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7555","reference_id":"RHSA-2023:7555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7587","reference_id":"RHSA-2023:7587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7610","reference_id":"RHSA-2023:7610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7637","reference_id":"RHSA-2023:7637","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7638","reference_id":"RHSA-2023:7638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7639","reference_id":"RHSA-2023:7639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7641","reference_id":"RHSA-2023:7641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7653","reference_id":"RHSA-2023:7653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7682","reference_id":"RHSA-2023:7682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7687","reference_id":"RHSA-2023:7687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7699","reference_id":"RHSA-2023:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7703","reference_id":"RHSA-2023:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7704","reference_id":"RHSA-2023:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7741","reference_id":"RHSA-2023:7741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0269","reference_id":"RHSA-2024:0269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0302","reference_id":"RHSA-2024:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0777","reference_id":"RHSA-2024:0777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1444","reference_id":"RHSA-2024:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1770","reference_id":"RHSA-2024:1770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2633","reference_id":"RHSA-2024:2633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4631","reference_id":"RHSA-2024:4631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16668","reference_id":"RHSA-2025:16668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23528","reference_id":"RHSA-2025:23528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23529","reference_id":"RHSA-2025:23529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0722","reference_id":"RHSA-2026:0722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0722"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","reference_id":"S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"},{"reference_url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14","reference_id":"security-10.html#Fixed_in_Apache_Tomcat_10.1.14","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123","reference_id":"show_bug.cgi?id=1216123","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803","reference_id":"show_bug.cgi?id=2242803","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803"},{"reference_url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988","reference_id":"show_bug.cgi?id=4988","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/","reference_id":"technical-breakdown-http2-rapid-reset-ddos-attack","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"},{"reference_url":"https://usn.ubuntu.com/6427-1/","reference_id":"USN-6427-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-1/"},{"reference_url":"https://usn.ubuntu.com/6427-2/","reference_id":"USN-6427-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-2/"},{"reference_url":"https://usn.ubuntu.com/6438-1/","reference_id":"USN-6438-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6438-1/"},{"reference_url":"https://usn.ubuntu.com/6505-1/","reference_id":"USN-6505-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6505-1/"},{"reference_url":"https://usn.ubuntu.com/6574-1/","reference_id":"USN-6574-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6574-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"},{"reference_url":"https://usn.ubuntu.com/6994-1/","reference_id":"USN-6994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6994-1/"},{"reference_url":"https://usn.ubuntu.com/7067-1/","reference_id":"USN-7067-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7067-1/"},{"reference_url":"https://usn.ubuntu.com/7410-1/","reference_id":"USN-7410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7410-1/"},{"reference_url":"https://usn.ubuntu.com/7469-1/","reference_id":"USN-7469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-1/"},{"reference_url":"https://usn.ubuntu.com/7469-2/","reference_id":"USN-7469-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-2/"},{"reference_url":"https://usn.ubuntu.com/7469-3/","reference_id":"USN-7469-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-3/"},{"reference_url":"https://usn.ubuntu.com/7469-4/","reference_id":"USN-7469-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-4/"},{"reference_url":"https://usn.ubuntu.com/7892-1/","reference_id":"USN-7892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7892-1/"},{"reference_url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0","reference_id":"v1.57.0","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"},{"reference_url":"https://github.com/grpc/grpc/releases/tag/v1.59.2","reference_id":"v1.59.2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc/releases/tag/v1.59.2"},{"reference_url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5","reference_id":"v2.7.5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","reference_id":"VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","reference_id":"WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","reference_id":"WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","reference_id":"XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","reference_id":"ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/","reference_id":"zero-day-rapid-reset-http2-record-breaking-ddos-attack","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","reference_id":"ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106063?format=json","purl":"pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106067?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106062?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-44487","GHSA-qppj-fm5r-hxr3","VSV00013"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1weg-s38v-nkh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209295?format=json","vulnerability_id":"VCID-2egh-2caf-pbf7","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31778","reference_id":"","reference_type":"","scores":[{"value":"0.02239","scoring_system":"epss","scoring_elements":"0.84916","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-31778"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2egh-2caf-pbf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206507?format=json","vulnerability_id":"VCID-2hw4-j4f4-m3bc","summary":"A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8022","reference_id":"","reference_type":"","scores":[{"value":"0.06136","scoring_system":"epss","scoring_elements":"0.91005","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8022"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106041?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-8022"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hw4-j4f4-m3bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199291?format=json","vulnerability_id":"VCID-3f3x-tkca-uyb4","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37147","reference_id":"","reference_type":"","scores":[{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.7598","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106051?format=json","purl":"pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-37147"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3f3x-tkca-uyb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175210?format=json","vulnerability_id":"VCID-43jf-uwae-ubcd","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8040","reference_id":"","reference_type":"","scores":[{"value":"0.07825","scoring_system":"epss","scoring_elements":"0.92171","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106044?format=json","purl":"pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-8040"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43jf-uwae-ubcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199292?format=json","vulnerability_id":"VCID-449z-5318-g3gb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37148","reference_id":"","reference_type":"","scores":[{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80591","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106051?format=json","purl":"pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-37148"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-449z-5318-g3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219202?format=json","vulnerability_id":"VCID-4ef3-7xzk-hyac","summary":"Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27737","reference_id":"","reference_type":"","scores":[{"value":"0.09467","scoring_system":"epss","scoring_elements":"0.93","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-27737"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ef3-7xzk-hyac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219201?format=json","vulnerability_id":"VCID-4jay-z3a9-vbhx","summary":"Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2952","reference_id":"","reference_type":"","scores":[{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.79361","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2952"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2010-2952"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jay-z3a9-vbhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/146868?format=json","vulnerability_id":"VCID-4mja-57zu-v7d3","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41752","reference_id":"","reference_type":"","scores":[{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57667","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427","reference_id":"1054427","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427"},{"reference_url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_id":"5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"dsa-5549","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106063?format=json","purl":"pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106067?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106062?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-41752"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mja-57zu-v7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199281?format=json","vulnerability_id":"VCID-52zt-8dbk-dkgj","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32567","reference_id":"","reference_type":"","scores":[{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92235","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303","reference_id":"990303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106050?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32567"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-52zt-8dbk-dkgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163418?format=json","vulnerability_id":"VCID-5m1z-ruks-zuca","summary":"Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25763","reference_id":"","reference_type":"","scores":[{"value":"0.01089","scoring_system":"epss","scoring_elements":"0.78334","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/","reference_id":"CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5206","reference_id":"dsa-5206","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/"}],"url":"https://www.debian.org/security/2022/dsa-5206"},{"reference_url":"https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21","reference_id":"rc64lwbdgrkv674koc3zl1sljr9vwg21","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/"}],"url":"https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/","reference_id":"ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-25763"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m1z-ruks-zuca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/172225?format=json","vulnerability_id":"VCID-5msk-bkam-auh8","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7671","reference_id":"","reference_type":"","scores":[{"value":"0.0427","scoring_system":"epss","scoring_elements":"0.89077","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7671"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106042?format=json","purl":"pkg:deb/debian/trafficserver@7.1.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-7671"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5msk-bkam-auh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/195153?format=json","vulnerability_id":"VCID-5nzq-dk2v-93a2","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17508","reference_id":"","reference_type":"","scores":[{"value":"0.02656","scoring_system":"epss","scoring_elements":"0.86105","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106047?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2020-17508"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5nzq-dk2v-93a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175208?format=json","vulnerability_id":"VCID-5s6t-vdy8-eqfb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8004","reference_id":"","reference_type":"","scores":[{"value":"0.02594","scoring_system":"epss","scoring_elements":"0.85925","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106044?format=json","purl":"pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-8004"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5s6t-vdy8-eqfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42421?format=json","vulnerability_id":"VCID-6gv8-h6dn-17ae","summary":"Improper Access Control vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 10.0.0 through 10.0.3.\n\nUsers are recommended to upgrade to version 10.0.4, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56196","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22513","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56196"},{"reference_url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023","reference_id":"btofzws2yqskk2n7f01r3l1819x01023","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:37:33Z/"}],"url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2024-56196"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6gv8-h6dn-17ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/170556?format=json","vulnerability_id":"VCID-6hf8-wt49-4fbs","summary":"Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32749","reference_id":"","reference_type":"","scores":[{"value":"0.06551","scoring_system":"epss","scoring_elements":"0.91343","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392"},{"reference_url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_id":"mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:46Z/"}],"url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106058?format=json","purl":"pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106057?format=json","purl":"pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-32749"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hf8-wt49-4fbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199279?format=json","vulnerability_id":"VCID-8cbd-gk86-rya4","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32565","reference_id":"","reference_type":"","scores":[{"value":"0.05675","scoring_system":"epss","scoring_elements":"0.90594","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303","reference_id":"990303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106050?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32565"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cbd-gk86-rya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37541?format=json","vulnerability_id":"VCID-8yxn-u5ac-yybn","summary":"Improper Input Validation vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.\n\nUsers are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38311","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19261","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691","reference_id":"1099691","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691"},{"reference_url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023","reference_id":"btofzws2yqskk2n7f01r3l1819x01023","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:35:26Z/"}],"url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-38311"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8yxn-u5ac-yybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56819?format=json","vulnerability_id":"VCID-93qp-64eg-k3hj","summary":"Valid Host header field can cause Apache Traffic Server to crash on some platforms.\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.5.\n\nUsers are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50305","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55243","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50305"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531","reference_id":"1087531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531"},{"reference_url":"https://usn.ubuntu.com/8050-1/","reference_id":"USN-8050-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8050-1/"},{"reference_url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_id":"y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:12:16Z/"}],"url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-50305"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93qp-64eg-k3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139426?format=json","vulnerability_id":"VCID-987b-4wpx-bqfn","summary":"Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 9.2.3, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39456","reference_id":"","reference_type":"","scores":[{"value":"0.07819","scoring_system":"epss","scoring_elements":"0.92169","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39456"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427","reference_id":"1054427","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427"},{"reference_url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_id":"5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/"}],"url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"dsa-5549","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106067?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106062?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-39456"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-987b-4wpx-bqfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199294?format=json","vulnerability_id":"VCID-adqf-2wkv-skbc","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38161","reference_id":"","reference_type":"","scores":[{"value":"0.01167","scoring_system":"epss","scoring_elements":"0.79051","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106055?format=json","purl":"pkg:deb/debian/trafficserver@9.1.0%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.0%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-38161"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adqf-2wkv-skbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209787?format=json","vulnerability_id":"VCID-asae-fgy9-wfdk","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30631","reference_id":"","reference_type":"","scores":[{"value":"0.00662","scoring_system":"epss","scoring_elements":"0.71631","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248","reference_id":"1038248","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106060?format=json","purl":"pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106059?format=json","purl":"pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106061?format=json","purl":"pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-30631"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-asae-fgy9-wfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219204?format=json","vulnerability_id":"VCID-au5r-gk8w-qke6","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43082","reference_id":"","reference_type":"","scores":[{"value":"0.01102","scoring_system":"epss","scoring_elements":"0.78475","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43082"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106051?format=json","purl":"pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-43082"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-au5r-gk8w-qke6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209296?format=json","vulnerability_id":"VCID-b767-nfue-u7a5","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31779","reference_id":"","reference_type":"","scores":[{"value":"0.02849","scoring_system":"epss","scoring_elements":"0.86543","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-31779"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b767-nfue-u7a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186481?format=json","vulnerability_id":"VCID-bvwm-un9u-e7a6","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17559","reference_id":"","reference_type":"","scores":[{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80906","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106046?format=json","purl":"pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-17559"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvwm-un9u-e7a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199296?format=json","vulnerability_id":"VCID-c8kh-wgkd-3bfg","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44759","reference_id":"","reference_type":"","scores":[{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.84058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106055?format=json","purl":"pkg:deb/debian/trafficserver@9.1.0%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.0%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-44759"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8kh-wgkd-3bfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44123?format=json","vulnerability_id":"VCID-dt2v-syyv-nqgx","summary":"Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.\n\nUsers are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35296","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30708","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141","reference_id":"1077141","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141"},{"reference_url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_id":"c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T14:01:18Z/"}],"url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106066?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106065?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2024-35296"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dt2v-syyv-nqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175207?format=json","vulnerability_id":"VCID-dzg4-mhqr-u3gf","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1318","reference_id":"","reference_type":"","scores":[{"value":"0.14594","scoring_system":"epss","scoring_elements":"0.94628","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106044?format=json","purl":"pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-1318"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzg4-mhqr-u3gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173155?format=json","vulnerability_id":"VCID-f8tx-3uf5-7uc1","summary":"Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47185","reference_id":"","reference_type":"","scores":[{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68721","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430","reference_id":"1043430","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/","reference_id":"BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"dsa-5549","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc","reference_id":"jsl6dfdgs1mjjo1mbtyflyjr7xftswhc","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/"}],"url":"https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html","reference_id":"msg00042.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106063?format=json","purl":"pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106064?format=json","purl":"pkg:deb/debian/trafficserver@9.2.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106062?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-47185"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8tx-3uf5-7uc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42477?format=json","vulnerability_id":"VCID-faeh-ns6e-73g2","summary":"Expected Behavior Violation vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.\n\nUsers are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56202","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44137","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56202"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691","reference_id":"1099691","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691"},{"reference_url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023","reference_id":"btofzws2yqskk2n7f01r3l1819x01023","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:38:08Z/"}],"url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-56202"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-faeh-ns6e-73g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97745?format=json","vulnerability_id":"VCID-fj9t-1ttk-uqcu","summary":"ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted.\n\nUsers can use a new setting for the plugin (--max-inclusion-depth) to limit it.\nThis issue affects Apache Traffic Server: from 10.0.0 through 10.0.5, from 9.0.0 through 9.2.10.\n\nUsers are recommended to upgrade to version 9.2.11 or 10.0.6,  which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49763.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49763","reference_id":"","reference_type":"","scores":[{"value":"0.04008","scoring_system":"epss","scoring_elements":"0.88701","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49763"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044","reference_id":"1108044","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044"},{"reference_url":"https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8","reference_id":"15t32nxbypqg1m2smp640vjx89o6v5f8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-20T13:56:03Z/"}],"url":"https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373845","reference_id":"2373845","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373845"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106072?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2025-49763"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fj9t-1ttk-uqcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209239?format=json","vulnerability_id":"VCID-fyjm-tpgn-73gx","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28129","reference_id":"","reference_type":"","scores":[{"value":"0.03194","scoring_system":"epss","scoring_elements":"0.87273","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28129"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyjm-tpgn-73gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203966?format=json","vulnerability_id":"VCID-g28t-qx2s-ebbp","summary":"Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5206","reference_id":"","reference_type":"","scores":[{"value":"0.01903","scoring_system":"epss","scoring_elements":"0.83647","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5206"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106040?format=json","purl":"pkg:deb/debian/trafficserver@6.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2015-5206"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g28t-qx2s-ebbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199206?format=json","vulnerability_id":"VCID-gaxc-v36x-2kb6","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9494","reference_id":"","reference_type":"","scores":[{"value":"0.0198","scoring_system":"epss","scoring_elements":"0.83948","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963629","reference_id":"963629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963629"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106049?format=json","purl":"pkg:deb/debian/trafficserver@8.0.8%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.8%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2020-9494"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gaxc-v36x-2kb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219203?format=json","vulnerability_id":"VCID-guam-415q-vkg7","summary":"Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41585","reference_id":"","reference_type":"","scores":[{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80833","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-41585"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-guam-415q-vkg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204468?format=json","vulnerability_id":"VCID-gyt2-x57p-tqak","summary":"Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5396","reference_id":"","reference_type":"","scores":[{"value":"0.01806","scoring_system":"epss","scoring_elements":"0.8322","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5396"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106041?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2016-5396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gyt2-x57p-tqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186483?format=json","vulnerability_id":"VCID-hkhb-mw53-uufq","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1944","reference_id":"","reference_type":"","scores":[{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.79376","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106046?format=json","purl":"pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2020-1944"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkhb-mw53-uufq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211381?format=json","vulnerability_id":"VCID-k6yx-663g-nqer","summary":"A bug in POST request handling causes a crash under a certain condition.  This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12.  Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue.  A workaround for older versions is to set proxy.config.http.request_buffer_enabled to 0 (the default value is 0).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58136","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.5959","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58136"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717","reference_id":"1132717","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2025-58136"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6yx-663g-nqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37231?format=json","vulnerability_id":"VCID-ma6w-65j9-1bh8","summary":"Improper Input Validation vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5.\n\nUsers are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38479","reference_id":"","reference_type":"","scores":[{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72235","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38479"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531","reference_id":"1087531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531"},{"reference_url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_id":"y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:51:08Z/"}],"url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106071?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-38479"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ma6w-65j9-1bh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199295?format=json","vulnerability_id":"VCID-mfa7-g7dd-xkcr","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44040","reference_id":"","reference_type":"","scores":[{"value":"0.02606","scoring_system":"epss","scoring_elements":"0.8596","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106056?format=json","purl":"pkg:deb/debian/trafficserver@9.1.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-44040"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfa7-g7dd-xkcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199282?format=json","vulnerability_id":"VCID-mtf7-8nus-2bdq","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35474","reference_id":"","reference_type":"","scores":[{"value":"0.09211","scoring_system":"epss","scoring_elements":"0.92891","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303","reference_id":"990303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106050?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-35474"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtf7-8nus-2bdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/143981?format=json","vulnerability_id":"VCID-ng1t-s7yw-k7fj","summary":"Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33934","reference_id":"","reference_type":"","scores":[{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65881","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430","reference_id":"1043430","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/","reference_id":"BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"dsa-5549","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc","reference_id":"jsl6dfdgs1mjjo1mbtyflyjr7xftswhc","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/"}],"url":"https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html","reference_id":"msg00042.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106063?format=json","purl":"pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106064?format=json","purl":"pkg:deb/debian/trafficserver@9.2.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106062?format=json","purl":"pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-33934"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ng1t-s7yw-k7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7359?format=json","vulnerability_id":"VCID-nuj7-mvxq-jqdx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9515","reference_id":"","reference_type":"","scores":[{"value":"0.08892","scoring_system":"epss","scoring_elements":"0.92748","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735745","reference_id":"1735745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886","reference_id":"934886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887","reference_id":"934887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2766","reference_id":"RHSA-2019:2766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2796","reference_id":"RHSA-2019:2796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2861","reference_id":"RHSA-2019:2861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3892","reference_id":"RHSA-2019:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4018","reference_id":"RHSA-2019:4018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4019","reference_id":"RHSA-2019:4019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4020","reference_id":"RHSA-2019:4020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4021","reference_id":"RHSA-2019:4021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4040","reference_id":"RHSA-2019:4040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4041","reference_id":"RHSA-2019:4041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4042","reference_id":"RHSA-2019:4042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4045","reference_id":"RHSA-2019:4045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0727","reference_id":"RHSA-2020:0727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/USN-4866-1/","reference_id":"USN-USN-4866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106045?format=json","purl":"pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-9515"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuj7-mvxq-jqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42632?format=json","vulnerability_id":"VCID-p3hf-w849-w3b5","summary":"Improper Access Control vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3.\n\nUsers are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56195","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18882","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56195"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691","reference_id":"1099691","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691"},{"reference_url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023","reference_id":"btofzws2yqskk2n7f01r3l1819x01023","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:36:13Z/"}],"url":"https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-56195"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3hf-w849-w3b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/144236?format=json","vulnerability_id":"VCID-p4fk-sttq-17an","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33933","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34794","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248","reference_id":"1038248","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/","reference_id":"6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5435","reference_id":"dsa-5435","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5435"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/","reference_id":"FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html","reference_id":"msg00037.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html"},{"reference_url":"https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs","reference_id":"tns2b4khyyncgs5v5p9y35pobg9z2bvs","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/"}],"url":"https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106060?format=json","purl":"pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106059?format=json","purl":"pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106061?format=json","purl":"pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-33933"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4fk-sttq-17an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44287?format=json","vulnerability_id":"VCID-p7jn-xfa4-53hy","summary":"Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.\n\nUsers can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section.\nUsers are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35161","reference_id":"","reference_type":"","scores":[{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64198","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141","reference_id":"1077141","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141"},{"reference_url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_id":"c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-31T17:38:35Z/"}],"url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106066?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106065?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2024-35161"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7jn-xfa4-53hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175209?format=json","vulnerability_id":"VCID-pamk-n3xz-xkc9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8005","reference_id":"","reference_type":"","scores":[{"value":"0.06689","scoring_system":"epss","scoring_elements":"0.91448","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106044?format=json","purl":"pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2018-8005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pamk-n3xz-xkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/155999?format=json","vulnerability_id":"VCID-qvcf-f5md-6bam","summary":"Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37150","reference_id":"","reference_type":"","scores":[{"value":"0.01159","scoring_system":"epss","scoring_elements":"0.78994","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/","reference_id":"CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5206","reference_id":"dsa-5206","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/"}],"url":"https://www.debian.org/security/2022/dsa-5206"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00019.html"},{"reference_url":"https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21","reference_id":"rc64lwbdgrkv674koc3zl1sljr9vwg21","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/"}],"url":"https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/","reference_id":"ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-37150"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qvcf-f5md-6bam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42828?format=json","vulnerability_id":"VCID-rbg6-9z77-j7bq","summary":"HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server.  Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected.\n\nUsers can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION frames per minute.  ATS does have a fixed amount of memory a request can use and ATS adheres to these limits in previous releases.\nUsers are recommended to upgrade to versions 8.1.10 or 9.2.4 which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31309.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31309","reference_id":"","reference_type":"","scores":[{"value":"0.10847","scoring_system":"epss","scoring_elements":"0.93536","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31309"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068417","reference_id":"1068417","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068417"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/03/16","reference_id":"16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/03/16"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269627","reference_id":"2269627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269627"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/10/7","reference_id":"7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/10/7"},{"reference_url":"https://lists.apache.org/thread/f9qh3g3jvy153wh82pz4onrfj1wh13kc","reference_id":"f9qh3g3jvy153wh82pz4onrfj1wh13kc","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"https://lists.apache.org/thread/f9qh3g3jvy153wh82pz4onrfj1wh13kc"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV/","reference_id":"PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I/","reference_id":"QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO/","reference_id":"T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106068?format=json","purl":"pkg:deb/debian/trafficserver@9.2.4%2Bds-0%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.4%252Bds-0%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106069?format=json","purl":"pkg:deb/debian/trafficserver@9.2.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2024-31309"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbg6-9z77-j7bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7362?format=json","vulnerability_id":"VCID-rqv1-n1b9-73a1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9518.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9518","reference_id":"","reference_type":"","scores":[{"value":"0.03578","scoring_system":"epss","scoring_elements":"0.8801","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735749","reference_id":"1735749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735749"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935314","reference_id":"935314","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3892","reference_id":"RHSA-2019:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0727","reference_id":"RHSA-2020:0727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"},{"reference_url":"https://usn.ubuntu.com/USN-4866-1/","reference_id":"USN-USN-4866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106045?format=json","purl":"pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-9518"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqv1-n1b9-73a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199278?format=json","vulnerability_id":"VCID-ry56-3r7e-e3az","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27577","reference_id":"","reference_type":"","scores":[{"value":"0.01205","scoring_system":"epss","scoring_elements":"0.79352","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303","reference_id":"990303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106050?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-27577"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ry56-3r7e-e3az"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104295?format=json","vulnerability_id":"VCID-sa2k-f5rf-sfgg","summary":"ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol.\n\nUsers can use a new setting (proxy.config.acl.subjects) to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. \nThis issue affects undefined: from 10.0.0 through 10.0.6, from 9.0.0 through 9.2.10.\n\nUsers are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31698.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-31698","reference_id":"","reference_type":"","scores":[{"value":"0.00753","scoring_system":"epss","scoring_elements":"0.73643","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-31698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044","reference_id":"1108044","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044"},{"reference_url":"https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8","reference_id":"15t32nxbypqg1m2smp640vjx89o6v5f8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-20T13:31:33Z/"}],"url":"https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373846","reference_id":"2373846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373846"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106072?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2025-31698"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sa2k-f5rf-sfgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44638?format=json","vulnerability_id":"VCID-shj4-4p2k-qfg5","summary":"Apache Traffic Server allows request smuggling if chunked messages are malformed. \n\n\n\n\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4.\n\nUsers are recommended to upgrade to version 9.2.10 or 10.0.5, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53868","reference_id":"","reference_type":"","scores":[{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52929","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53868"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101996","reference_id":"1101996","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101996"},{"reference_url":"https://lists.apache.org/thread/rwyx91rsrnmpjbm04footfjjf6m9d1c9","reference_id":"rwyx91rsrnmpjbm04footfjjf6m9d1c9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-18T14:37:32Z/"}],"url":"https://lists.apache.org/thread/rwyx91rsrnmpjbm04footfjjf6m9d1c9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106072?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-53868"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shj4-4p2k-qfg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199293?format=json","vulnerability_id":"VCID-swv7-dcm4-gket","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37149","reference_id":"","reference_type":"","scores":[{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80591","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106052?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106051?format=json","purl":"pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-37149"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swv7-dcm4-gket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205150?format=json","vulnerability_id":"VCID-szf6-xpm4-xfan","summary":"Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5659","reference_id":"","reference_type":"","scores":[{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83927","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106041?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-5659"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szf6-xpm4-xfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91158?format=json","vulnerability_id":"VCID-t9ba-ud3b-z3b8","summary":"Apache Traffic Server allows request smuggling if chunked messages are malformed. \n\nThis issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1.\n\nUsers are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65114","reference_id":"","reference_type":"","scores":[{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54749","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65114"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717","reference_id":"1132717","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717"},{"reference_url":"https://lists.apache.org/thread/2s11roxlv1j8ph6q52rqo1klvl01n14q","reference_id":"2s11roxlv1j8ph6q52rqo1klvl01n14q","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T18:09:43Z/"}],"url":"https://lists.apache.org/thread/2s11roxlv1j8ph6q52rqo1klvl01n14q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2025-65114"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9ba-ud3b-z3b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56584?format=json","vulnerability_id":"VCID-thsb-1fs9-q3b3","summary":"Unchecked return value can allow Apache Traffic Server to retain privileges on startup.\n\nThis issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.\n\nUsers are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50306","reference_id":"","reference_type":"","scores":[{"value":"0.0082","scoring_system":"epss","scoring_elements":"0.7483","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50306"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531","reference_id":"1087531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531"},{"reference_url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_id":"y15fh6c7kyqvzm0f9odw7c5jh4r4np0y","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:07:42Z/"}],"url":"https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106071?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106070?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}],"aliases":["CVE-2024-50306"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-thsb-1fs9-q3b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/172961?format=json","vulnerability_id":"VCID-twjb-nwce-7kdw","summary":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47184","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46681","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-47184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248","reference_id":"1038248","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/","reference_id":"6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5435","reference_id":"dsa-5435","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/"}],"url":"https://www.debian.org/security/2023/dsa-5435"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/","reference_id":"FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html","reference_id":"msg00037.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html"},{"reference_url":"https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs","reference_id":"tns2b4khyyncgs5v5p9y35pobg9z2bvs","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/"}],"url":"https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106060?format=json","purl":"pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106059?format=json","purl":"pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106061?format=json","purl":"pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-47184"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twjb-nwce-7kdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203963?format=json","vulnerability_id":"VCID-ubcz-t7f5-qyhs","summary":"Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5168","reference_id":"","reference_type":"","scores":[{"value":"0.01885","scoring_system":"epss","scoring_elements":"0.83575","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5168"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106040?format=json","purl":"pkg:deb/debian/trafficserver@6.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2015-5168"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubcz-t7f5-qyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186482?format=json","vulnerability_id":"VCID-uedn-7g65-bybn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17565","reference_id":"","reference_type":"","scores":[{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.79376","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106046?format=json","purl":"pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-17565"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uedn-7g65-bybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203391?format=json","vulnerability_id":"VCID-uzkf-8ddh-9kf6","summary":"Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3525","reference_id":"","reference_type":"","scores":[{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79903","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3525"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106037?format=json","purl":"pkg:deb/debian/trafficserver@5.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2014-3525"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzkf-8ddh-9kf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7358?format=json","vulnerability_id":"VCID-v5bk-5vtj-4ud9","summary":"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4352","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4352"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9514","reference_id":"","reference_type":"","scores":[{"value":"0.09322","scoring_system":"epss","scoring_elements":"0.92938","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"},{"reference_url":"https://go.dev/cl/190137","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/190137"},{"reference_url":"https://go.dev/issue/33606","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/33606"},{"reference_url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5"},{"reference_url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ"},{"reference_url":"https://kb.cert.org/vuls/id/605641","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kb.cert.org/vuls/id/605641"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296"},{"reference_url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9514","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9514"},{"reference_url":"https://pkg.go.dev/vuln/GO-2022-0536","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2022-0536"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/24"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/31","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/31"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/43","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/43"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Sep/18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0005"},{"reference_url":"https://support.f5.com/csp/article/K01988340","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K01988340"},{"reference_url":"https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://www.debian.org/security/2019/dsa-4503","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4503"},{"reference_url":"https://www.debian.org/security/2019/dsa-4508","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4508"},{"reference_url":"https://www.debian.org/security/2019/dsa-4520","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4520"},{"reference_url":"https://www.debian.org/security/2020/dsa-4669","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4669"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_33","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_33"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/08/20/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/08/20/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667","reference_id":"1062667","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735744","reference_id":"1735744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735744"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886","reference_id":"934886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887","reference_id":"934887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887"},{"reference_url":"https://security.archlinux.org/ASA-201908-15","reference_id":"ASA-201908-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-15"},{"reference_url":"https://security.archlinux.org/AVG-1021","reference_id":"AVG-1021","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2594","reference_id":"RHSA-2019:2594","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2661","reference_id":"RHSA-2019:2661","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2682","reference_id":"RHSA-2019:2682","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2690","reference_id":"RHSA-2019:2690","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2726","reference_id":"RHSA-2019:2726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2766","reference_id":"RHSA-2019:2766","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2769","reference_id":"RHSA-2019:2769","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2796","reference_id":"RHSA-2019:2796","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2817","reference_id":"RHSA-2019:2817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2861","reference_id":"RHSA-2019:2861","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"RHSA-2019:2966","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3131","reference_id":"RHSA-2019:3131","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3245","reference_id":"RHSA-2019:3245","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3265","reference_id":"RHSA-2019:3265","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3892","reference_id":"RHSA-2019:3892","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3906","reference_id":"RHSA-2019:3906","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4018","reference_id":"RHSA-2019:4018","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4019","reference_id":"RHSA-2019:4019","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4020","reference_id":"RHSA-2019:4020","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4021","reference_id":"RHSA-2019:4021","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4040","reference_id":"RHSA-2019:4040","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4041","reference_id":"RHSA-2019:4041","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4042","reference_id":"RHSA-2019:4042","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4045","reference_id":"RHSA-2019:4045","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4269","reference_id":"RHSA-2019:4269","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4273","reference_id":"RHSA-2019:4273","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0406","reference_id":"RHSA-2020:0406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0727","reference_id":"RHSA-2020:0727","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/USN-4866-1/","reference_id":"USN-USN-4866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106045?format=json","purl":"pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-9514","GHSA-39qc-96h7-956f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5bk-5vtj-4ud9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186253?format=json","vulnerability_id":"VCID-vzv5-88x2-2fec","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10079","reference_id":"","reference_type":"","scores":[{"value":"0.05102","scoring_system":"epss","scoring_elements":"0.90043","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106045?format=json","purl":"pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-10079"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzv5-88x2-2fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/132325?format=json","vulnerability_id":"VCID-w3m3-xq55-vbe5","summary":"Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.\n\nThis issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.\n\nUsers are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38522","reference_id":"","reference_type":"","scores":[{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65917","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141","reference_id":"1077141","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141"},{"reference_url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_id":"c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T13:37:29Z/"}],"url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106066?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106065?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2023-38522"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3m3-xq55-vbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186484?format=json","vulnerability_id":"VCID-wb9m-1gav-qbeb","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9481","reference_id":"","reference_type":"","scores":[{"value":"0.05231","scoring_system":"epss","scoring_elements":"0.90172","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106048?format=json","purl":"pkg:deb/debian/trafficserver@8.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.7%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2020-9481"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wb9m-1gav-qbeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202174?format=json","vulnerability_id":"VCID-wpkc-u231-9qdv","summary":"Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0256","reference_id":"","reference_type":"","scores":[{"value":"0.01643","scoring_system":"epss","scoring_elements":"0.82373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0256"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106035?format=json","purl":"pkg:deb/debian/trafficserver@3.0.4-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@3.0.4-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2012-0256"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpkc-u231-9qdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/172224?format=json","vulnerability_id":"VCID-x4k8-zdx8-hfhj","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5660","reference_id":"","reference_type":"","scores":[{"value":"0.02584","scoring_system":"epss","scoring_elements":"0.85902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5660"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106042?format=json","purl":"pkg:deb/debian/trafficserver@7.1.2%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.2%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2017-5660"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4k8-zdx8-hfhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173752?format=json","vulnerability_id":"VCID-y4gt-cab6-3bhm","summary":"Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40743","reference_id":"","reference_type":"","scores":[{"value":"0.08233","scoring_system":"epss","scoring_elements":"0.92408","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40743"},{"reference_url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_id":"mrj2lg4s0hf027rk7gz8t7hbn9xpfg02","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:19:23Z/"}],"url":"https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106032?format=json","purl":"pkg:deb/debian/trafficserver@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106057?format=json","purl":"pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-40743"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4gt-cab6-3bhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203418?format=json","vulnerability_id":"VCID-y8qg-nemv-zfa6","summary":"Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3624","reference_id":"","reference_type":"","scores":[{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.60281","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106038?format=json","purl":"pkg:deb/debian/trafficserver@5.0.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.0.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2014-3624"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8qg-nemv-zfa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203913?format=json","vulnerability_id":"VCID-yd27-98k7-ebe8","summary":"The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3249","reference_id":"","reference_type":"","scores":[{"value":"0.04233","scoring_system":"epss","scoring_elements":"0.89017","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3249"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106039?format=json","purl":"pkg:deb/debian/trafficserver@5.3.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.3.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2015-3249"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yd27-98k7-ebe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209297?format=json","vulnerability_id":"VCID-yfg1-mg13-d7ay","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31780","reference_id":"","reference_type":"","scores":[{"value":"0.04835","scoring_system":"epss","scoring_elements":"0.89756","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106054?format=json","purl":"pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106053?format=json","purl":"pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-31780"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfg1-mg13-d7ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199280?format=json","vulnerability_id":"VCID-ygqq-k1bc-tyfz","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32566","reference_id":"","reference_type":"","scores":[{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92235","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303","reference_id":"990303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106050?format=json","purl":"pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32566"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygqq-k1bc-tyfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203272?format=json","vulnerability_id":"VCID-ymnk-q1pk-6fe2","summary":"Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-10022","reference_id":"","reference_type":"","scores":[{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.86228","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-10022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-10022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-10022"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778895","reference_id":"778895","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778895"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106036?format=json","purl":"pkg:deb/debian/trafficserver@5.2.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.2.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2014-10022"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymnk-q1pk-6fe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7356?format=json","vulnerability_id":"VCID-zf9e-85bv-kkbz","summary":"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4352","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4352"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9512","reference_id":"","reference_type":"","scores":[{"value":"0.50822","scoring_system":"epss","scoring_elements":"0.97921","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"},{"reference_url":"https://go.dev/cl/190137","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/190137"},{"reference_url":"https://go.dev/issue/33606","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/33606"},{"reference_url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5"},{"reference_url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ"},{"reference_url":"https://kb.cert.org/vuls/id/605641","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kb.cert.org/vuls/id/605641"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10296"},{"reference_url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9512","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9512"},{"reference_url":"https://pkg.go.dev/vuln/GO-2022-0536","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/vuln/GO-2022-0536"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/24"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/31","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/31"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/43","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/43"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Sep/18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190823-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190823-0005"},{"reference_url":"https://support.f5.com/csp/article/K98053339","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K98053339"},{"reference_url":"https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://www.debian.org/security/2019/dsa-4503","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4503"},{"reference_url":"https://www.debian.org/security/2019/dsa-4508","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4508"},{"reference_url":"https://www.debian.org/security/2019/dsa-4520","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4520"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_33","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_33"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/08/20/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/08/20/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735645","reference_id":"1735645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735645"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886","reference_id":"934886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887","reference_id":"934887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887"},{"reference_url":"https://security.archlinux.org/ASA-201908-15","reference_id":"ASA-201908-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-15"},{"reference_url":"https://security.archlinux.org/AVG-1021","reference_id":"AVG-1021","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2594","reference_id":"RHSA-2019:2594","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2661","reference_id":"RHSA-2019:2661","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2682","reference_id":"RHSA-2019:2682","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2690","reference_id":"RHSA-2019:2690","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2726","reference_id":"RHSA-2019:2726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2766","reference_id":"RHSA-2019:2766","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2769","reference_id":"RHSA-2019:2769","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2796","reference_id":"RHSA-2019:2796","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2817","reference_id":"RHSA-2019:2817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2861","reference_id":"RHSA-2019:2861","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"RHSA-2019:2966","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3131","reference_id":"RHSA-2019:3131","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3245","reference_id":"RHSA-2019:3245","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3265","reference_id":"RHSA-2019:3265","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3892","reference_id":"RHSA-2019:3892","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3906","reference_id":"RHSA-2019:3906","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4018","reference_id":"RHSA-2019:4018","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4019","reference_id":"RHSA-2019:4019","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4020","reference_id":"RHSA-2019:4020","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4021","reference_id":"RHSA-2019:4021","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4040","reference_id":"RHSA-2019:4040","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4041","reference_id":"RHSA-2019:4041","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4042","reference_id":"RHSA-2019:4042","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4045","reference_id":"RHSA-2019:4045","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4269","reference_id":"RHSA-2019:4269","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4273","reference_id":"RHSA-2019:4273","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0406","reference_id":"RHSA-2020:0406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0727","reference_id":"RHSA-2020:0727","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3196","reference_id":"RHSA-2020:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3197","reference_id":"RHSA-2020:3197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/USN-4866-1/","reference_id":"USN-USN-4866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106045?format=json","purl":"pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106033?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106031?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/106034?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8yxn-u5ac-yybn"},{"vulnerability":"VCID-93qp-64eg-k3hj"},{"vulnerability":"VCID-faeh-ns6e-73g2"},{"vulnerability":"VCID-fj9t-1ttk-uqcu"},{"vulnerability":"VCID-k6yx-663g-nqer"},{"vulnerability":"VCID-ma6w-65j9-1bh8"},{"vulnerability":"VCID-p3hf-w849-w3b5"},{"vulnerability":"VCID-sa2k-f5rf-sfgg"},{"vulnerability":"VCID-shj4-4p2k-qfg5"},{"vulnerability":"VCID-t9ba-ud3b-z3b8"},{"vulnerability":"VCID-thsb-1fs9-q3b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2019-9512","GHSA-hgr8-6h9x-f7q9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zf9e-85bv-kkbz"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid"}