{"url":"http://public2.vulnerablecode.io/api/packages/137459?format=json","purl":"pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-74.jbcs?arch=el7","type":"rpm","namespace":"redhat","name":"jbcs-httpd24-httpd","version":"2.4.37-74.jbcs","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53886?format=json","vulnerability_id":"VCID-f7n8-zzhz-fuc8","summary":"Improper Certificate Validation\ncurl is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8286.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8286","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52393","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52333","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1048457","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://hackerone.com/reports/1048457"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906096","reference_id":"1906096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906096"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/50","reference_id":"50","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/50"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/51","reference_id":"51","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/54","reference_id":"54","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/54"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161","reference_id":"977161","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977161"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8286","reference_id":"CVE-2020-8286","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8286"},{"reference_url":"https://curl.se/docs/CVE-2020-8286.html","reference_id":"CVE-2020-8286.HTML","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://curl.se/docs/CVE-2020-8286.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf","reference_id":"ssa-200951.pdf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:29:39Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"}],"fixed_packages":[],"aliases":["CVE-2020-8286"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f7n8-zzhz-fuc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5600?format=json","vulnerability_id":"VCID-fhc8-r8gv-bugj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22876","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29867","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29799","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1101882","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://hackerone.com/reports/1101882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941964","reference_id":"1941964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941964"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/","reference_id":"2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269","reference_id":"986269","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986269"},{"reference_url":"https://security.archlinux.org/AVG-1753","reference_id":"AVG-1753","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1753"},{"reference_url":"https://security.archlinux.org/AVG-1754","reference_id":"AVG-1754","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1754"},{"reference_url":"https://security.archlinux.org/AVG-1755","reference_id":"AVG-1755","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1755"},{"reference_url":"https://security.archlinux.org/AVG-1756","reference_id":"AVG-1756","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1756"},{"reference_url":"https://security.archlinux.org/AVG-1757","reference_id":"AVG-1757","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1757"},{"reference_url":"https://security.archlinux.org/AVG-1758","reference_id":"AVG-1758","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1758"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22876","reference_id":"CVE-2021-22876","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22876"},{"reference_url":"https://curl.se/docs/CVE-2021-22876.html","reference_id":"CVE-2021-22876.HTML","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://curl.se/docs/CVE-2021-22876.html"},{"reference_url":"https://security.gentoo.org/glsa/202105-36","reference_id":"GLSA-202105-36","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://security.gentoo.org/glsa/202105-36"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/","reference_id":"ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/","reference_id":"KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210521-0007/","reference_id":"ntap-20210521-0007","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:54:20Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210521-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4511","reference_id":"RHSA-2021:4511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1354","reference_id":"RHSA-2022:1354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1354"},{"reference_url":"https://usn.ubuntu.com/4898-1/","reference_id":"USN-4898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4898-1/"},{"reference_url":"https://usn.ubuntu.com/4903-1/","reference_id":"USN-4903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4903-1/"}],"fixed_packages":[],"aliases":["CVE-2021-22876"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc8-r8gv-bugj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5854?format=json","vulnerability_id":"VCID-fp66-fzqt-6yg7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8169","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24197","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24296","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8169"},{"reference_url":"https://curl.se/docs/CVE-2020-8169.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2020-8169.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/874778","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/874778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847916","reference_id":"1847916","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280","reference_id":"965280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965280"},{"reference_url":"https://security.archlinux.org/AVG-1194","reference_id":"AVG-1194","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1194"},{"reference_url":"https://security.gentoo.org/glsa/202007-16","reference_id":"GLSA-202007-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4402-1/","reference_id":"USN-4402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4402-1/"}],"fixed_packages":[],"aliases":["CVE-2020-8169"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fp66-fzqt-6yg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5599?format=json","vulnerability_id":"VCID-kn6z-caj8-bbc9","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22890","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21312","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21392","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1129529","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://hackerone.com/reports/1129529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941965","reference_id":"1941965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941965"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/","reference_id":"2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270","reference_id":"986270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986270"},{"reference_url":"https://security.archlinux.org/AVG-1753","reference_id":"AVG-1753","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1753"},{"reference_url":"https://security.archlinux.org/AVG-1754","reference_id":"AVG-1754","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1754"},{"reference_url":"https://security.archlinux.org/AVG-1755","reference_id":"AVG-1755","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1755"},{"reference_url":"https://security.archlinux.org/AVG-1756","reference_id":"AVG-1756","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1756"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22890","reference_id":"CVE-2021-22890","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22890"},{"reference_url":"https://curl.se/docs/CVE-2021-22890.html","reference_id":"CVE-2021-22890.HTML","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://curl.se/docs/CVE-2021-22890.html"},{"reference_url":"https://security.gentoo.org/glsa/202105-36","reference_id":"GLSA-202105-36","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://security.gentoo.org/glsa/202105-36"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/","reference_id":"ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/","reference_id":"KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210521-0007/","reference_id":"ntap-20210521-0007","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:11:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210521-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4898-1/","reference_id":"USN-4898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4898-1/"}],"fixed_packages":[],"aliases":["CVE-2021-22890"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kn6z-caj8-bbc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65689?format=json","vulnerability_id":"VCID-msd2-35g9-nyd2","summary":"A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8284","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24369","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24269","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8284"},{"reference_url":"https://curl.se/docs/CVE-2020-8284.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://curl.se/docs/CVE-2020-8284.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1040166","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://hackerone.com/reports/1040166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902667","reference_id":"1902667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902667"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163","reference_id":"977163","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977163"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:56:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"},{"reference_url":"https://usn.ubuntu.com/4665-2/","reference_id":"USN-4665-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-2/"}],"fixed_packages":[],"aliases":["CVE-2020-8284"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msd2-35g9-nyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53890?format=json","vulnerability_id":"VCID-q46r-7nct-s3bw","summary":"Out-of-bounds Write\ncurl is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8285","reference_id":"","reference_type":"","scores":[{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73378","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73342","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22890"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1045844","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://hackerone.com/reports/1045844"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902687","reference_id":"1902687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902687"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Apr/51","reference_id":"51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"http://seclists.org/fulldisclosure/2021/Apr/51"},{"reference_url":"https://github.com/curl/curl/issues/6255","reference_id":"6255","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://github.com/curl/curl/issues/6255"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162","reference_id":"977162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977162"},{"reference_url":"https://security.archlinux.org/AVG-1337","reference_id":"AVG-1337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1337"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285","reference_id":"CVE-2020-8285","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8285"},{"reference_url":"https://curl.se/docs/CVE-2020-8285.html","reference_id":"CVE-2020-8285.HTML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://curl.se/docs/CVE-2020-8285.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/","reference_id":"DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4881","reference_id":"dsa-4881","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://www.debian.org/security/2021/dsa-4881"},{"reference_url":"https://security.gentoo.org/glsa/202012-14","reference_id":"GLSA-202012-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://security.gentoo.org/glsa/202012-14"},{"reference_url":"https://support.apple.com/kb/HT212325","reference_id":"HT212325","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212325"},{"reference_url":"https://support.apple.com/kb/HT212326","reference_id":"HT212326","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212326"},{"reference_url":"https://support.apple.com/kb/HT212327","reference_id":"HT212327","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://support.apple.com/kb/HT212327"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210122-0007/","reference_id":"ntap-20210122-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210122-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/","reference_id":"NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:06:58Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1610","reference_id":"RHSA-2021:1610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"},{"reference_url":"https://usn.ubuntu.com/4665-1/","reference_id":"USN-4665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-1/"},{"reference_url":"https://usn.ubuntu.com/4665-2/","reference_id":"USN-4665-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4665-2/"}],"fixed_packages":[],"aliases":["CVE-2020-8285"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q46r-7nct-s3bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5468?format=json","vulnerability_id":"VCID-vgap-k5zw-9qbn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22901","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43798","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43727","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22901"},{"reference_url":"https://curl.se/docs/CVE-2021-22901.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22901.html"},{"reference_url":"https://hackerone.com/reports/1180380","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1180380"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963146","reference_id":"1963146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963146"},{"reference_url":"https://security.archlinux.org/ASA-202106-4","reference_id":"ASA-202106-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-4"},{"reference_url":"https://security.archlinux.org/ASA-202106-5","reference_id":"ASA-202106-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-5"},{"reference_url":"https://security.archlinux.org/ASA-202106-6","reference_id":"ASA-202106-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-6"},{"reference_url":"https://security.archlinux.org/ASA-202106-7","reference_id":"ASA-202106-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-7"},{"reference_url":"https://security.archlinux.org/AVG-1995","reference_id":"AVG-1995","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1995"},{"reference_url":"https://security.archlinux.org/AVG-1996","reference_id":"AVG-1996","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1996"},{"reference_url":"https://security.archlinux.org/AVG-1997","reference_id":"AVG-1997","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1997"},{"reference_url":"https://security.archlinux.org/AVG-1998","reference_id":"AVG-1998","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1998"},{"reference_url":"https://security.gentoo.org/glsa/202105-36","reference_id":"GLSA-202105-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2471","reference_id":"RHSA-2021:2471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2472","reference_id":"RHSA-2021:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2472"}],"fixed_packages":[],"aliases":["CVE-2021-22901"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgap-k5zw-9qbn"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-74.jbcs%3Farch=el7"}