{"url":"http://public2.vulnerablecode.io/api/packages/117934?format=json","purl":"pkg:rpm/redhat/kvm@83-273?arch=el5_11","type":"rpm","namespace":"redhat","name":"kvm","version":"83-273","qualifiers":{"arch":"el5_11"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4019?format=json","vulnerability_id":"VCID-tagr-5fpf-4bcj","summary":"Heap overflow in QEMU PCNET controller, allowing guest->host escape","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3209.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3209","reference_id":"","reference_type":"","scores":[{"value":"0.18024","scoring_system":"epss","scoring_elements":"0.95233","published_at":"2026-05-14T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95554","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95565","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95568","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95572","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95573","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95574","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.9554","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95589","published_at":"2026-04-24T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95591","published_at":"2026-04-26T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.9559","published_at":"2026-04-29T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95606","published_at":"2026-05-05T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.9561","published_at":"2026-05-07T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95616","published_at":"2026-05-09T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95622","published_at":"2026-05-11T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95627","published_at":"2026-05-12T12:55:00Z"},{"value":"0.20573","scoring_system":"epss","scoring_elements":"0.95588","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1225882","reference_id":"1225882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1225882"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788460","reference_id":"788460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788460"},{"reference_url":"https://security.gentoo.org/glsa/201510-02","reference_id":"GLSA-201510-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-02"},{"reference_url":"https://security.gentoo.org/glsa/201604-03","reference_id":"GLSA-201604-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201604-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1087","reference_id":"RHSA-2015:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1088","reference_id":"RHSA-2015:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1089","reference_id":"RHSA-2015:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1189","reference_id":"RHSA-2015:1189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1189"},{"reference_url":"https://usn.ubuntu.com/2630-1/","reference_id":"USN-2630-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2630-1/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-135.html","reference_id":"XSA-135","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-135.html"}],"fixed_packages":[],"aliases":["CVE-2015-3209"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tagr-5fpf-4bcj"}],"fixing_vulnerabilities":[],"risk_score":"0.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kvm@83-273%3Farch=el5_11"}