{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"zlib","version":"1:1.2.13.dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:1.3.dfsg-2","latest_non_vulnerable_version":"1:1.3.dfsg+really1.3.2-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15967?format=json","vulnerability_id":"VCID-3pdh-1xyy-83dd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45853","reference_id":"","reference_type":"","scores":[{"value":"0.01396","scoring_system":"epss","scoring_elements":"0.80874","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01396","scoring_system":"epss","scoring_elements":"0.80882","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01396","scoring_system":"epss","scoring_elements":"0.80872","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01396","scoring_system":"epss","scoring_elements":"0.80812","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c"},{"reference_url":"https://github.com/smihica/pyminizip","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smihica/pyminizip"},{"reference_url":"https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231130-0009","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231130-0009"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/24/10","reference_id":"10","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/24/10"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290","reference_id":"1054290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718","reference_id":"1056718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718"},{"reference_url":"https://security.gentoo.org/glsa/202401-18","reference_id":"202401-18","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://security.gentoo.org/glsa/202401-18"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244556","reference_id":"2244556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244556"},{"reference_url":"https://github.com/madler/zlib/pull/843","reference_id":"843","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://github.com/madler/zlib/pull/843"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/20/9","reference_id":"9","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/20/9"},{"reference_url":"https://security.archlinux.org/AVG-2847","reference_id":"AVG-2847","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45853","reference_id":"CVE-2023-45853","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45853"},{"reference_url":"https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356","reference_id":"d709fb23806858847131027da95ef4c548813356","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"},{"reference_url":"https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61","reference_id":"de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"},{"reference_url":"https://github.com/advisories/GHSA-mq29-j5xf-cjwr","reference_id":"GHSA-mq29-j5xf-cjwr","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mq29-j5xf-cjwr"},{"reference_url":"https://pypi.org/project/pyminizip/#history","reference_id":"#history","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://pypi.org/project/pyminizip/#history"},{"reference_url":"https://www.winimage.com/zLibDll/minizip.html","reference_id":"minizip.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://www.winimage.com/zLibDll/minizip.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html","reference_id":"msg00026.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231130-0009/","reference_id":"ntap-20231130-0009","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231130-0009/"},{"reference_url":"https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4","reference_id":"README.contrib#L1-L4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://usn.ubuntu.com/7107-1/","reference_id":"USN-7107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7107-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108587?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2023-45853","GHSA-mq29-j5xf-cjwr"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3pdh-1xyy-83dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27513?format=json","vulnerability_id":"VCID-f4p7-qehn-kbdg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27171.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27171.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27171","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00872","published_at":"2026-06-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00876","published_at":"2026-06-14T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00866","published_at":"2026-06-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00869","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27171"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128336","reference_id":"1128336","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128336"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440530","reference_id":"2440530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440530"},{"reference_url":"https://github.com/madler/zlib/issues/904","reference_id":"904","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://github.com/madler/zlib/issues/904"},{"reference_url":"https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf","reference_id":"pentest-report-zlib-RC1.1.pdf","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"},{"reference_url":"https://github.com/madler/zlib/releases/tag/v1.3.2","reference_id":"v1.3.2","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://github.com/madler/zlib/releases/tag/v1.3.2"},{"reference_url":"https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/","reference_id":"zlib-7asecurity-audit","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/"},{"reference_url":"https://ostif.org/zlib-audit-complete/","reference_id":"zlib-audit-complete","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://ostif.org/zlib-audit-complete/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108589?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2026-27171"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4p7-qehn-kbdg"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200124?format=json","vulnerability_id":"VCID-1ntc-urq5-gqfw","summary":"zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096","reference_id":"","reference_type":"","scores":[{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97577","published_at":"2026-06-11T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97586","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133","reference_id":"317133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523","reference_id":"317523","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966","reference_id":"317966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967","reference_id":"317967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968","reference_id":"317968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014","reference_id":"318014","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091","reference_id":"318091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099","reference_id":"318099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100","reference_id":"318100","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246","reference_id":"318246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236","reference_id":"332236","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650","reference_id":"430650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:569","reference_id":"RHSA-2005:569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/148-1/","reference_id":"USN-148-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/148-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108581?format=json","purl":"pkg:deb/debian/zlib@1:1.2.2-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.2-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2005-2096"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntc-urq5-gqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26773?format=json","vulnerability_id":"VCID-2w19-fmfk-8qh2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00369","published_at":"2026-06-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00372","published_at":"2026-06-14T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00366","published_at":"2026-06-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00368","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688","reference_id":"2427688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688"},{"reference_url":"https://seclists.org/fulldisclosure/2026/Jan/3","reference_id":"3","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://seclists.org/fulldisclosure/2026/Jan/3"},{"reference_url":"https://github.com/madler/zlib","reference_id":"zlib","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://github.com/madler/zlib"},{"reference_url":"https://zlib.net/","reference_id":"zlib.net","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://zlib.net/"},{"reference_url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname","reference_id":"zlib-untgz-global-buffer-overflow-in-tgzfname","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108588?format=json","purl":"pkg:deb/debian/zlib@1:1.2.6.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.6.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2026-22184"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2w19-fmfk-8qh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2201?format=json","vulnerability_id":"VCID-48dc-cvn7-ufew","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840","reference_id":"","reference_type":"","scores":[{"value":"0.09831","scoring_system":"epss","scoring_elements":"0.93149","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09831","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-06-12T12:55:00Z"},{"value":"0.09831","scoring_system":"epss","scoring_elements":"0.93173","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345","reference_id":"1402345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10541","reference_id":"RHSA-2025:10541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11048","reference_id":"RHSA-2025:11048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12013","reference_id":"RHSA-2025:12013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13947","reference_id":"RHSA-2025:13947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8280","reference_id":"RHSA-2025:8280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8284","reference_id":"RHSA-2025:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8314","reference_id":"RHSA-2025:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8395","reference_id":"RHSA-2025:8395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8395"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108582?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9840"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48dc-cvn7-ufew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183737?format=json","vulnerability_id":"VCID-4pe8-hu2r-9far","summary":"The zlib library contains a Denial of Service vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797","reference_id":"","reference_type":"","scores":[{"value":"0.02225","scoring_system":"epss","scoring_elements":"0.84877","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02225","scoring_system":"epss","scoring_elements":"0.8493","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02225","scoring_system":"epss","scoring_elements":"0.84938","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797"},{"reference_url":"https://security.gentoo.org/glsa/200408-26","reference_id":"GLSA-200408-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200408-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108579?format=json","purl":"pkg:deb/debian/zlib@1:1.2.1.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.1.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2004-0797"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pe8-hu2r-9far"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2203?format=json","vulnerability_id":"VCID-8f63-2hwc-8uae","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842","reference_id":"","reference_type":"","scores":[{"value":"0.1138","scoring_system":"epss","scoring_elements":"0.93744","published_at":"2026-06-12T12:55:00Z"},{"value":"0.1138","scoring_system":"epss","scoring_elements":"0.93748","published_at":"2026-06-13T12:55:00Z"},{"value":"0.1138","scoring_system":"epss","scoring_elements":"0.93724","published_at":"2026-06-11T12:55:00Z"},{"value":"0.1153","scoring_system":"epss","scoring_elements":"0.93817","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1039427","reference_id":"1039427","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.securitytracker.com/id/1039427"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"201701-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"202007-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/05/21","reference_id":"21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/05/21"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"4246-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"4292-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274","reference_id":"847274","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"http://www.securityfocus.com/bid/95131","reference_id":"95131","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.securityfocus.com/bid/95131"},{"reference_url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib","reference_id":"Completed#zlib","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"cpujul2020.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","reference_id":"cpuoct2017-3236626.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"cpuoct2018-4428296.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958","reference_id":"e54e1299404101a5a9d0cf5e45512b543967f958","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958"},{"reference_url":"https://support.apple.com/HT208112","reference_id":"HT208112","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://support.apple.com/HT208112"},{"reference_url":"https://support.apple.com/HT208113","reference_id":"HT208113","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://support.apple.com/HT208113"},{"reference_url":"https://support.apple.com/HT208115","reference_id":"HT208115","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://support.apple.com/HT208115"},{"reference_url":"https://support.apple.com/HT208144","reference_id":"HT208144","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://support.apple.com/HT208144"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html","reference_id":"msg00053.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html","reference_id":"msg00127.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348","reference_id":"show_bug.cgi?id=1402348","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348"},{"reference_url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf","reference_id":"Zlib-report.pdf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108582?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9842"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8f63-2hwc-8uae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12269?format=json","vulnerability_id":"VCID-kggk-139g-ffck","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434","reference_id":"","reference_type":"","scores":[{"value":"0.92745","scoring_system":"epss","scoring_elements":"0.99767","published_at":"2026-06-11T12:55:00Z"},{"value":"0.92745","scoring_system":"epss","scoring_elements":"0.99768","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/curl/curl/issues/9271","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/curl/curl/issues/9271"},{"reference_url":"https://github.com/ivd38/zlib_overflow","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ivd38/zlib_overflow"},{"reference_url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063"},{"reference_url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1"},{"reference_url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/05/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/05/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/09/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/09/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710","reference_id":"1016710","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639","reference_id":"2116639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639"},{"reference_url":"https://security.archlinux.org/AVG-2821","reference_id":"AVG-2821","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2821"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434","reference_id":"CVE-2022-37434","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7106","reference_id":"RHSA-2022:7106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7314","reference_id":"RHSA-2022:7314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7793","reference_id":"RHSA-2022:7793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8291","reference_id":"RHSA-2022:8291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1095","reference_id":"RHSA-2023:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0254","reference_id":"RHSA-2024:0254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0254"},{"reference_url":"https://usn.ubuntu.com/5570-1/","reference_id":"USN-5570-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-1/"},{"reference_url":"https://usn.ubuntu.com/5570-2/","reference_id":"USN-5570-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-2/"},{"reference_url":"https://usn.ubuntu.com/5573-1/","reference_id":"USN-5573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5573-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108586?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2022-37434"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kggk-139g-ffck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5388?format=json","vulnerability_id":"VCID-s2mc-whzr-sbb8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25585","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.256","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25582","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25385","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/24/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/24/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/26/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/26/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265","reference_id":"1008265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/25/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/25/2"},{"reference_url":"https://security.gentoo.org/glsa/202210-42","reference_id":"202210-42","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.gentoo.org/glsa/202210-42"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945","reference_id":"2067945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/3"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/33","reference_id":"33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/33"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/35","reference_id":"35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/35"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/38","reference_id":"38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/38"},{"reference_url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","reference_id":"5c44459c3b28a9bd3283aaceab7c615f8020c531","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"},{"reference_url":"https://github.com/madler/zlib/issues/605","reference_id":"605","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/issues/605"},{"reference_url":"https://security.archlinux.org/ASA-202204-3","reference_id":"ASA-202204-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-3"},{"reference_url":"https://security.archlinux.org/AVG-2657","reference_id":"AVG-2657","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2657"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"cpujul2022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032","reference_id":"CVE-2018-25032","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml","reference_id":"CVE-2018-25032.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5111","reference_id":"dsa-5111","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.debian.org/security/2022/dsa-5111"},{"reference_url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj","reference_id":"GHSA-jc36-42cf-vqwj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5","reference_id":"GHSA-v6gp-9mmm-c6p5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5"},{"reference_url":"https://security.gentoo.org/glsa/202405-22","reference_id":"GLSA-202405-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-22"},{"reference_url":"https://support.apple.com/kb/HT213255","reference_id":"HT213255","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213255"},{"reference_url":"https://support.apple.com/kb/HT213256","reference_id":"HT213256","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213256"},{"reference_url":"https://support.apple.com/kb/HT213257","reference_id":"HT213257","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213257"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009/","reference_id":"ntap-20220526-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004/","reference_id":"ntap-20220729-0004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1591","reference_id":"RHSA-2022:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1642","reference_id":"RHSA-2022:1642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1661","reference_id":"RHSA-2022:1661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2192","reference_id":"RHSA-2022:2192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2197","reference_id":"RHSA-2022:2197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2198","reference_id":"RHSA-2022:2198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2201","reference_id":"RHSA-2022:2201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2213","reference_id":"RHSA-2022:2213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2214","reference_id":"RHSA-2022:2214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4584","reference_id":"RHSA-2022:4584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4592","reference_id":"RHSA-2022:4592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4845","reference_id":"RHSA-2022:4845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4896","reference_id":"RHSA-2022:4896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5439","reference_id":"RHSA-2022:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7813","reference_id":"RHSA-2022:7813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8420","reference_id":"RHSA-2022:8420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0943","reference_id":"RHSA-2023:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0975","reference_id":"RHSA-2023:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0976","reference_id":"RHSA-2023:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0976"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf","reference_id":"ssa-333517.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"},{"reference_url":"https://usn.ubuntu.com/5355-1/","reference_id":"USN-5355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-1/"},{"reference_url":"https://usn.ubuntu.com/5355-2/","reference_id":"USN-5355-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-2/"},{"reference_url":"https://usn.ubuntu.com/5359-1/","reference_id":"USN-5359-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-1/"},{"reference_url":"https://usn.ubuntu.com/5359-2/","reference_id":"USN-5359-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-2/"},{"reference_url":"https://usn.ubuntu.com/5739-1/","reference_id":"USN-5739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5739-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"},{"reference_url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12","reference_id":"v1.2.11...v1.2.12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108585?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108584?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2018-25032","GHSA-jc36-42cf-vqwj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s2mc-whzr-sbb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2204?format=json","vulnerability_id":"VCID-sw7k-kkqy-ybev","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843","reference_id":"","reference_type":"","scores":[{"value":"0.13502","scoring_system":"epss","scoring_elements":"0.94377","published_at":"2026-06-11T12:55:00Z"},{"value":"0.13502","scoring_system":"epss","scoring_elements":"0.94396","published_at":"2026-06-12T12:55:00Z"},{"value":"0.13502","scoring_system":"epss","scoring_elements":"0.94401","published_at":"2026-06-13T12:55:00Z"},{"value":"0.17674","scoring_system":"epss","scoring_elements":"0.95276","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351","reference_id":"1402351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275","reference_id":"847275","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/7959-1/","reference_id":"USN-7959-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7959-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108582?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9843"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sw7k-kkqy-ybev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199500?format=json","vulnerability_id":"VCID-t8c9-mqz2-zqhy","summary":"Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107","reference_id":"","reference_type":"","scores":[{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97176","published_at":"2026-06-11T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97183","published_at":"2026-06-12T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97185","published_at":"2026-06-13T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97186","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967","reference_id":"1616967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c"},{"reference_url":"https://www.securityfocus.com/bid/6913/info","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6913/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:079","reference_id":"RHSA-2003:079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:081","reference_id":"RHSA-2003:081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:081"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108575?format=json","purl":"pkg:deb/debian/zlib@1:1.1.4-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.1.4-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2003-0107"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8c9-mqz2-zqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2202?format=json","vulnerability_id":"VCID-vrs5-w83h-4qg7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841","reference_id":"","reference_type":"","scores":[{"value":"0.19177","scoring_system":"epss","scoring_elements":"0.955","published_at":"2026-06-11T12:55:00Z"},{"value":"0.19177","scoring_system":"epss","scoring_elements":"0.95514","published_at":"2026-06-12T12:55:00Z"},{"value":"0.19177","scoring_system":"epss","scoring_elements":"0.95517","published_at":"2026-06-13T12:55:00Z"},{"value":"0.19177","scoring_system":"epss","scoring_elements":"0.9552","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346","reference_id":"1402346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108583?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9841"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrs5-w83h-4qg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180097?format=json","vulnerability_id":"VCID-z3fa-pm5g-kufd","summary":"Pngcrush is vulnerable to a buffer overflow which could potentially lead to\n    the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849","reference_id":"","reference_type":"","scores":[{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92275","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92302","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92307","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649","reference_id":"430649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649"},{"reference_url":"https://security.gentoo.org/glsa/200603-18","reference_id":"GLSA-200603-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:584","reference_id":"RHSA-2005:584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/151-1/","reference_id":"USN-151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108580?format=json","purl":"pkg:deb/debian/zlib@1:1.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108576?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108574?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3pdh-1xyy-83dd"},{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108578?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f4p7-qehn-kbdg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108577?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2005-1849"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3fa-pm5g-kufd"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"}