{"url":"http://public2.vulnerablecode.io/api/packages/111856?format=json","purl":"pkg:apk/alpine/webkit2gtk-6.0@2.36.5-r0?arch=aarch64&distroversion=v3.19&reponame=community","type":"apk","namespace":"alpine","name":"webkit2gtk-6.0","version":"2.36.5-r0","qualifiers":{"arch":"aarch64","distroversion":"v3.19","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174278?format=json","vulnerability_id":"VCID-he8m-mrbp-mka5","summary":"Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2294","reference_id":"","reference_type":"","scores":[{"value":"0.01108","scoring_system":"epss","scoring_elements":"0.78531","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2296"},{"reference_url":"https://crbug.com/1341043","reference_id":"1341043","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://crbug.com/1341043"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/28/2","reference_id":"2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/07/28/2"},{"reference_url":"https://security.gentoo.org/glsa/202208-35","reference_id":"202208-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://security.gentoo.org/glsa/202208-35"},{"reference_url":"https://security.gentoo.org/glsa/202208-39","reference_id":"202208-39","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://security.gentoo.org/glsa/202208-39"},{"reference_url":"https://security.gentoo.org/glsa/202311-11","reference_id":"202311-11","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://security.gentoo.org/glsa/202311-11"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/","reference_id":"5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7/","reference_id":"H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7/"},{"reference_url":"https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-01-12T15:04:35Z/"}],"url":"https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html"},{"reference_url":"https://usn.ubuntu.com/5568-1/","reference_id":"USN-5568-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5568-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/111856?format=json","purl":"pkg:apk/alpine/webkit2gtk-6.0@2.36.5-r0?arch=aarch64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk-6.0@2.36.5-r0%3Farch=aarch64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2022-2294"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-he8m-mrbp-mka5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/webkit2gtk-6.0@2.36.5-r0%3Farch=aarch64&distroversion=v3.19&reponame=community"}