{"url":"http://public2.vulnerablecode.io/api/packages/146257?format=json","purl":"pkg:rpm/redhat/kernel@3.10.0-693.69.1?arch=el7","type":"rpm","namespace":"redhat","name":"kernel","version":"3.10.0-693.69.1","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79602?format=json","vulnerability_id":"VCID-mvm6-yc3d-e3gq","summary":"An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20169.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20169","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2685","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26952","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26944","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26906","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26852","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2686","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660385","reference_id":"1660385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3309","reference_id":"RHSA-2019:3309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3517","reference_id":"RHSA-2019:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2770","reference_id":"RHSA-2020:2770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2777","reference_id":"RHSA-2020:2777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://usn.ubuntu.com/3879-1/","reference_id":"USN-3879-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3879-1/"},{"reference_url":"https://usn.ubuntu.com/3879-2/","reference_id":"USN-3879-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3879-2/"}],"fixed_packages":[],"aliases":["CVE-2018-20169"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mvm6-yc3d-e3gq"}],"fixing_vulnerabilities":[],"risk_score":"2.9","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@3.10.0-693.69.1%3Farch=el7"}