Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs?arch=el6
Typerpm
Namespaceredhat
Namejbcs-httpd24-nghttp2
Version1.39.2-25.jbcs
Qualifiers
arch el6
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-68uu-wm68-zkfb
vulnerability_id VCID-68uu-wm68-zkfb
summary in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1934
reference_id
reference_type
scores
0
value 0.27241
scoring_system epss
scoring_elements 0.96489
published_at 2026-06-04T12:55:00Z
1
value 0.27241
scoring_system epss
scoring_elements 0.96497
published_at 2026-06-06T12:55:00Z
2
value 0.27241
scoring_system epss
scoring_elements 0.96498
published_at 2026-06-07T12:55:00Z
3
value 0.27241
scoring_system epss
scoring_elements 0.96492
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1934
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820772
reference_id 1820772
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820772
8
reference_url https://security.archlinux.org/ASA-202004-14
reference_id ASA-202004-14
reference_type
scores
url https://security.archlinux.org/ASA-202004-14
9
reference_url https://security.archlinux.org/AVG-1126
reference_id AVG-1126
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1126
10
reference_url https://httpd.apache.org/security/json/CVE-2020-1934.json
reference_id CVE-2020-1934
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-1934.json
11
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
12
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
13
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
14
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
15
reference_url https://usn.ubuntu.com/4458-1/
reference_id USN-4458-1
reference_type
scores
url https://usn.ubuntu.com/4458-1/
fixed_packages
aliases CVE-2020-1934
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68uu-wm68-zkfb
1
url VCID-81dv-y5sg-9kgq
vulnerability_id VCID-81dv-y5sg-9kgq
summary 
Missing Release of Memory after Effective Lifetime
xmlSchemaPreRun in xmlschemas.c in libxml2 allows an xmlSchemaValidateStream memory leak.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20388
reference_id
reference_type
scores
0
value 0.00614
scoring_system epss
scoring_elements 0.70298
published_at 2026-06-05T12:55:00Z
1
value 0.00614
scoring_system epss
scoring_elements 0.70307
published_at 2026-06-06T12:55:00Z
2
value 0.00614
scoring_system epss
scoring_elements 0.70289
published_at 2026-06-07T12:55:00Z
3
value 0.00614
scoring_system epss
scoring_elements 0.70256
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1799734
reference_id 1799734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1799734
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
reference_id 545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
reference_id 5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
7
reference_url https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
reference_id 68
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/
url https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583
reference_id 949583
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583
9
reference_url https://security.archlinux.org/ASA-202011-15
reference_id ASA-202011-15
reference_type
scores
url https://security.archlinux.org/ASA-202011-15
10
reference_url https://security.archlinux.org/AVG-1263
reference_id AVG-1263
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1263
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-20388
reference_id CVE-2019-20388
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-20388
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
reference_id JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
13
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
14
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
15
reference_url https://access.redhat.com/errata/RHSA-2020:3996
reference_id RHSA-2020:3996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3996
16
reference_url https://access.redhat.com/errata/RHSA-2020:4479
reference_id RHSA-2020:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4479
17
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
18
reference_url https://usn.ubuntu.com/4991-1/
reference_id USN-4991-1
reference_type
scores
url https://usn.ubuntu.com/4991-1/
fixed_packages
aliases CVE-2019-20388
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81dv-y5sg-9kgq
2
url VCID-9usm-m2ey-7qad
vulnerability_id VCID-9usm-m2ey-7qad
summary 
Missing Release of Memory after Effective Lifetime
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 has a memory leak related to newDoc->oldNs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19956
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43462
published_at 2026-06-05T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43448
published_at 2026-06-07T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43389
published_at 2026-06-04T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788856
reference_id 1788856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788856
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
reference_id 5a02583c7e683896d84878bd90641d8d9b0d0549
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
reference_id 5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19956
reference_id CVE-2019-19956
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-19956
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
reference_id JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
9
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html
10
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html
reference_id msg00032.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html
11
reference_url https://security.netapp.com/advisory/ntap-20200114-0002/
reference_id ntap-20200114-0002
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://security.netapp.com/advisory/ntap-20200114-0002/
12
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
13
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
14
reference_url https://access.redhat.com/errata/RHSA-2020:3996
reference_id RHSA-2020:3996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3996
15
reference_url https://access.redhat.com/errata/RHSA-2020:4479
reference_id RHSA-2020:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4479
16
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
fixed_packages
aliases CVE-2019-19956
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9usm-m2ey-7qad
3
url VCID-cvna-73ya-gbg5
vulnerability_id VCID-cvna-73ya-gbg5
summary In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15903
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42388
published_at 2026-06-07T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42328
published_at 2026-06-04T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42404
published_at 2026-06-05T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42415
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15903
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://seclists.org/bugtraq/2019/Nov/1
reference_id 1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Nov/1
13
reference_url https://seclists.org/bugtraq/2019/Dec/17
reference_id 17
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/17
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1752592
reference_id 1752592
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1752592
15
reference_url https://seclists.org/bugtraq/2019/Dec/21
reference_id 21
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/21
16
reference_url http://seclists.org/fulldisclosure/2019/Dec/23
reference_id 23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/23
17
reference_url https://seclists.org/bugtraq/2019/Dec/23
reference_id 23
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/23
18
reference_url https://seclists.org/bugtraq/2019/Nov/24
reference_id 24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Nov/24
19
reference_url http://seclists.org/fulldisclosure/2019/Dec/26
reference_id 26
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/26
20
reference_url http://seclists.org/fulldisclosure/2019/Dec/27
reference_id 27
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/27
21
reference_url https://seclists.org/bugtraq/2019/Oct/29
reference_id 29
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Oct/29
22
reference_url http://seclists.org/fulldisclosure/2019/Dec/30
reference_id 30
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/30
23
reference_url https://seclists.org/bugtraq/2019/Sep/30
reference_id 30
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Sep/30
24
reference_url https://github.com/libexpat/libexpat/issues/317
reference_id 317
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/issues/317
25
reference_url https://github.com/libexpat/libexpat/pull/318
reference_id 318
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/pull/318
26
reference_url https://github.com/libexpat/libexpat/issues/342
reference_id 342
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/issues/342
27
reference_url https://seclists.org/bugtraq/2019/Sep/37
reference_id 37
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Sep/37
28
reference_url https://usn.ubuntu.com/4132-1/
reference_id 4132-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4132-1/
29
reference_url https://usn.ubuntu.com/4132-2/
reference_id 4132-2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4132-2/
30
reference_url https://usn.ubuntu.com/4165-1/
reference_id 4165-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4165-1/
31
reference_url https://usn.ubuntu.com/4202-1/
reference_id 4202-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4202-1/
32
reference_url https://usn.ubuntu.com/4335-1/
reference_id 4335-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4335-1/
33
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
reference_id 939394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
reference_id A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
35
reference_url https://security.archlinux.org/ASA-201910-15
reference_id ASA-201910-15
reference_type
scores
url https://security.archlinux.org/ASA-201910-15
36
reference_url https://security.archlinux.org/ASA-201910-16
reference_id ASA-201910-16
reference_type
scores
url https://security.archlinux.org/ASA-201910-16
37
reference_url https://security.archlinux.org/ASA-201910-17
reference_id ASA-201910-17
reference_type
scores
url https://security.archlinux.org/ASA-201910-17
38
reference_url https://security.archlinux.org/AVG-1053
reference_id AVG-1053
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1053
39
reference_url https://security.archlinux.org/AVG-1054
reference_id AVG-1054
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1054
40
reference_url https://security.archlinux.org/AVG-1055
reference_id AVG-1055
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1055
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
reference_id BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
42
reference_url https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
reference_id c20b758c332d9a13afbbb276d30db1d183a85d43
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
43
reference_url https://www.debian.org/security/2019/dsa-4530
reference_id dsa-4530
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4530
44
reference_url https://www.debian.org/security/2019/dsa-4549
reference_id dsa-4549
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4549
45
reference_url https://www.debian.org/security/2019/dsa-4571
reference_id dsa-4571
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4571
46
reference_url https://security.gentoo.org/glsa/201911-08
reference_id GLSA-201911-08
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://security.gentoo.org/glsa/201911-08
47
reference_url https://support.apple.com/kb/HT210785
reference_id HT210785
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210785
48
reference_url https://support.apple.com/kb/HT210788
reference_id HT210788
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210788
49
reference_url https://support.apple.com/kb/HT210789
reference_id HT210789
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210789
50
reference_url https://support.apple.com/kb/HT210790
reference_id HT210790
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210790
51
reference_url https://support.apple.com/kb/HT210793
reference_id HT210793
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210793
52
reference_url https://support.apple.com/kb/HT210794
reference_id HT210794
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210794
53
reference_url https://support.apple.com/kb/HT210795
reference_id HT210795
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210795
54
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
reference_id mfsa2019-33
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
55
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
reference_id mfsa2019-34
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
56
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
reference_id mfsa2019-35
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
57
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
reference_id msg00000.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
58
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
59
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
60
reference_url https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
61
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
62
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
reference_id msg00013.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
63
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
reference_id msg00016.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
64
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
65
reference_url https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
66
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
67
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
reference_id msg00019.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
68
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id msg00040.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
69
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
reference_id msg00080.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
70
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
reference_id msg00081.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
71
reference_url https://security.netapp.com/advisory/ntap-20190926-0004/
reference_id ntap-20190926-0004
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://security.netapp.com/advisory/ntap-20190926-0004/
72
reference_url https://access.redhat.com/errata/RHSA-2019:3193
reference_id RHSA-2019:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3193
73
reference_url https://access.redhat.com/errata/RHSA-2019:3196
reference_id RHSA-2019:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3196
74
reference_url https://access.redhat.com/errata/RHSA-2019:3210
reference_id RHSA-2019:3210
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3210
75
reference_url https://access.redhat.com/errata/RHSA-2019:3237
reference_id RHSA-2019:3237
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3237
76
reference_url https://access.redhat.com/errata/RHSA-2019:3756
reference_id RHSA-2019:3756
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3756
77
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
78
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
79
reference_url https://access.redhat.com/errata/RHSA-2020:3952
reference_id RHSA-2020:3952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3952
80
reference_url https://access.redhat.com/errata/RHSA-2020:4484
reference_id RHSA-2020:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4484
81
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
82
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
reference_id S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
84
reference_url http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
reference_id Slackware-Security-Advisory-expat-Updates.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
85
reference_url http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
reference_id Slackware-Security-Advisory-mozilla-firefox-Updates.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
86
reference_url http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
reference_id Slackware-Security-Advisory-python-Updates.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
87
reference_url https://www.tenable.com/security/tns-2021-11
reference_id tns-2021-11
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.tenable.com/security/tns-2021-11
88
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
89
reference_url https://usn.ubuntu.com/USN-4852-1/
reference_id USN-USN-4852-1
reference_type
scores
url https://usn.ubuntu.com/USN-4852-1/
90
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
aliases CVE-2019-15903
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvna-73ya-gbg5
4
url VCID-dczz-4wtw-83b9
vulnerability_id VCID-dczz-4wtw-83b9
summary In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11080
reference_id
reference_type
scores
0
value 0.01247
scoring_system epss
scoring_elements 0.79666
published_at 2026-06-07T12:55:00Z
1
value 0.01247
scoring_system epss
scoring_elements 0.79638
published_at 2026-06-04T12:55:00Z
2
value 0.01247
scoring_system epss
scoring_elements 0.79665
published_at 2026-06-05T12:55:00Z
3
value 0.01247
scoring_system epss
scoring_elements 0.7967
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11080
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8174
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1844929
reference_id 1844929
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1844929
6
reference_url https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090
reference_id 336a98feb0d56b9ac54e12736b18785c27f75090
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
reference_id 4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
reference_id 962145
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962145
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/
reference_id AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/
10
reference_url https://www.debian.org/security/2020/dsa-4696
reference_id dsa-4696
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://www.debian.org/security/2020/dsa-4696
11
reference_url https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394
reference_id f8da73bd042f810f34d19f9eae02b46d870af394
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394
12
reference_url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
reference_id GHSA-q5wr-xfw9-q7xr
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
13
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:44:48Z/
url https://lists.debian.org/debian-lts-announce/2021/10/msg00011.html
14
reference_url https://access.redhat.com/errata/RHSA-2020:2523
reference_id RHSA-2020:2523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2523
15
reference_url https://access.redhat.com/errata/RHSA-2020:2524
reference_id RHSA-2020:2524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2524
16
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
17
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
18
reference_url https://access.redhat.com/errata/RHSA-2020:2755
reference_id RHSA-2020:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2755
19
reference_url https://access.redhat.com/errata/RHSA-2020:2784
reference_id RHSA-2020:2784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2784
20
reference_url https://access.redhat.com/errata/RHSA-2020:2823
reference_id RHSA-2020:2823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2823
21
reference_url https://access.redhat.com/errata/RHSA-2020:2847
reference_id RHSA-2020:2847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2847
22
reference_url https://access.redhat.com/errata/RHSA-2020:2848
reference_id RHSA-2020:2848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2848
23
reference_url https://access.redhat.com/errata/RHSA-2020:2849
reference_id RHSA-2020:2849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2849
24
reference_url https://access.redhat.com/errata/RHSA-2020:2850
reference_id RHSA-2020:2850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2850
25
reference_url https://access.redhat.com/errata/RHSA-2020:2852
reference_id RHSA-2020:2852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2852
26
reference_url https://access.redhat.com/errata/RHSA-2020:2895
reference_id RHSA-2020:2895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2895
27
reference_url https://access.redhat.com/errata/RHSA-2020:3042
reference_id RHSA-2020:3042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3042
28
reference_url https://access.redhat.com/errata/RHSA-2020:3084
reference_id RHSA-2020:3084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3084
29
reference_url https://usn.ubuntu.com/6142-1/
reference_id USN-6142-1
reference_type
scores
url https://usn.ubuntu.com/6142-1/
fixed_packages
aliases CVE-2020-11080
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dczz-4wtw-83b9
5
url VCID-faqh-hsss-93bc
vulnerability_id VCID-faqh-hsss-93bc
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0197
reference_id
reference_type
scores
0
value 0.02193
scoring_system epss
scoring_elements 0.84705
published_at 2026-06-04T12:55:00Z
1
value 0.02193
scoring_system epss
scoring_elements 0.84733
published_at 2026-06-06T12:55:00Z
2
value 0.02193
scoring_system epss
scoring_elements 0.84727
published_at 2026-06-07T12:55:00Z
3
value 0.02193
scoring_system epss
scoring_elements 0.84729
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0197
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695042
reference_id 1695042
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695042
4
reference_url https://security.archlinux.org/ASA-201904-3
reference_id ASA-201904-3
reference_type
scores
url https://security.archlinux.org/ASA-201904-3
5
reference_url https://security.archlinux.org/AVG-946
reference_id AVG-946
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-946
6
reference_url https://httpd.apache.org/security/json/CVE-2019-0197.json
reference_id CVE-2019-0197
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-0197.json
7
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
8
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
9
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
10
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
11
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
12
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
13
reference_url https://usn.ubuntu.com/4113-1/
reference_id USN-4113-1
reference_type
scores
url https://usn.ubuntu.com/4113-1/
fixed_packages
aliases CVE-2019-0197
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-faqh-hsss-93bc
6
url VCID-jxz3-ug52-cuhn
vulnerability_id VCID-jxz3-ug52-cuhn
summary 
libxml2 2.9.10 has an infinite loop in a certain end-of-file situation
Nokogiri has backported the patch for CVE-2020-7595 into its vendored version
of libxml2, and released this as v1.10.8

CVE-2020-7595 has not yet been addressed in an upstream libxml2 release, and
so Nokogiri versions <= v1.10.7 are vulnerable.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7595
reference_id
reference_type
scores
0
value 0.00476
scoring_system epss
scoring_elements 0.65284
published_at 2026-06-07T12:55:00Z
1
value 0.00476
scoring_system epss
scoring_elements 0.65296
published_at 2026-06-06T12:55:00Z
2
value 0.00476
scoring_system epss
scoring_elements 0.65285
published_at 2026-06-05T12:55:00Z
3
value 0.00476
scoring_system epss
scoring_elements 0.65244
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7595
3
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml
7
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
8
reference_url https://github.com/sparklemotion/nokogiri/issues/1992
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1992
9
reference_url https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076
10
reference_url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
17
reference_url https://security.gentoo.org/glsa/202010-04
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://security.gentoo.org/glsa/202010-04
18
reference_url https://security.netapp.com/advisory/ntap-20200702-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200702-0005
19
reference_url https://security.netapp.com/advisory/ntap-20200702-0005/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://security.netapp.com/advisory/ntap-20200702-0005/
20
reference_url https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08
21
reference_url https://usn.ubuntu.com/4274-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4274-1
22
reference_url https://usn.ubuntu.com/4274-1/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://usn.ubuntu.com/4274-1/
23
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
24
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
25
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
26
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1799786
reference_id 1799786
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1799786
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
reference_id 545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
reference_id 5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582
reference_id 949582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582
31
reference_url https://security.archlinux.org/ASA-202011-15
reference_id ASA-202011-15
reference_type
scores
url https://security.archlinux.org/ASA-202011-15
32
reference_url https://security.archlinux.org/AVG-1263
reference_id AVG-1263
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1263
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7595
reference_id CVE-2020-7595
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7595
34
reference_url https://github.com/advisories/GHSA-7553-jr98-vx47
reference_id GHSA-7553-jr98-vx47
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7553-jr98-vx47
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
reference_id JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
36
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
37
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
38
reference_url https://access.redhat.com/errata/RHSA-2020:3996
reference_id RHSA-2020:3996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3996
39
reference_url https://access.redhat.com/errata/RHSA-2020:4479
reference_id RHSA-2020:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4479
40
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
fixed_packages
aliases CVE-2020-7595, GHSA-7553-jr98-vx47
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxz3-ug52-cuhn
7
url VCID-qh6t-bcd8-9qf7
vulnerability_id VCID-qh6t-bcd8-9qf7
summary 
Improper Restriction of XML External Entity Reference
`libexpat` in Expat, XML input including XML names that contain many colons could make the XML parser consume a high amount of RAM and CPU resources while processing, leading to a possible denial-of-service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20843
reference_id
reference_type
scores
0
value 0.05584
scoring_system epss
scoring_elements 0.90476
published_at 2026-06-06T12:55:00Z
1
value 0.05584
scoring_system epss
scoring_elements 0.90461
published_at 2026-06-04T12:55:00Z
2
value 0.05584
scoring_system epss
scoring_elements 0.90473
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20843
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/libexpat/libexpat/issues/186
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/issues/186
6
reference_url https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
reference_id 11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1723723
reference_id 1723723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1723723
8
reference_url https://github.com/libexpat/libexpat/pull/262
reference_id 262
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/pull/262
9
reference_url https://seclists.org/bugtraq/2019/Jun/39
reference_id 39
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://seclists.org/bugtraq/2019/Jun/39
10
reference_url https://usn.ubuntu.com/4040-1/
reference_id 4040-1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://usn.ubuntu.com/4040-1/
11
reference_url https://usn.ubuntu.com/4040-2/
reference_id 4040-2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://usn.ubuntu.com/4040-2/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031
reference_id 931031
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
reference_id CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
14
reference_url https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
reference_id Changes
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20843
reference_id CVE-2018-20843
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-20843
16
reference_url https://www.debian.org/security/2019/dsa-4472
reference_id dsa-4472
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://www.debian.org/security/2019/dsa-4472
17
reference_url https://security.gentoo.org/glsa/201911-08
reference_id GLSA-201911-08
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://security.gentoo.org/glsa/201911-08
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
reference_id IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
19
reference_url https://support.f5.com/csp/article/K51011533
reference_id K51011533
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://support.f5.com/csp/article/K51011533
20
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
21
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
reference_id msg00039.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
22
reference_url https://security.netapp.com/advisory/ntap-20190703-0001/
reference_id ntap-20190703-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://security.netapp.com/advisory/ntap-20190703-0001/
23
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
24
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
25
reference_url https://access.redhat.com/errata/RHSA-2020:3952
reference_id RHSA-2020:3952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3952
26
reference_url https://access.redhat.com/errata/RHSA-2020:4484
reference_id RHSA-2020:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4484
27
reference_url https://access.redhat.com/errata/RHSA-2020:4846
reference_id RHSA-2020:4846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4846
28
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
29
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
30
reference_url https://www.tenable.com/security/tns-2021-11
reference_id tns-2021-11
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://www.tenable.com/security/tns-2021-11
31
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
32
reference_url https://usn.ubuntu.com/USN-4852-1/
reference_id USN-USN-4852-1
reference_type
scores
url https://usn.ubuntu.com/USN-4852-1/
33
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
aliases CVE-2018-20843
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qh6t-bcd8-9qf7
8
url VCID-t9kh-3weu-qugs
vulnerability_id VCID-t9kh-3weu-qugs
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0196
reference_id
reference_type
scores
0
value 0.08584
scoring_system epss
scoring_elements 0.92569
published_at 2026-06-05T12:55:00Z
1
value 0.08584
scoring_system epss
scoring_elements 0.9256
published_at 2026-06-07T12:55:00Z
2
value 0.08584
scoring_system epss
scoring_elements 0.92556
published_at 2026-06-04T12:55:00Z
3
value 0.08584
scoring_system epss
scoring_elements 0.92565
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0196
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695030
reference_id 1695030
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695030
10
reference_url https://security.archlinux.org/ASA-201904-3
reference_id ASA-201904-3
reference_type
scores
url https://security.archlinux.org/ASA-201904-3
11
reference_url https://security.archlinux.org/AVG-946
reference_id AVG-946
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-946
12
reference_url https://httpd.apache.org/security/json/CVE-2019-0196.json
reference_id CVE-2019-0196
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-0196.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
14
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
15
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
16
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
17
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
18
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
fixed_packages
aliases CVE-2019-0196
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9kh-3weu-qugs
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs%3Farch=el6