{"url":"http://public2.vulnerablecode.io/api/packages/203650?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3?arch=x86&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"qt6-qtwebengine","version":"6.7.2-r3","qualifiers":{"arch":"x86","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.7.2-r4","latest_non_vulnerable_version":"6.10.3-r3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46273?format=json","vulnerability_id":"VCID-3r3p-r3pn-8yhj","summary":"Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7971.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7971.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7971","reference_id":"","reference_type":"","scores":[{"value":"0.01868","scoring_system":"epss","scoring_elements":"0.83506","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7971"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7971","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7971"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307092","reference_id":"2307092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307092"},{"reference_url":"https://issues.chromium.org/issues/360700873","reference_id":"360700873","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-26T14:07:05Z/"}],"url":"https://issues.chromium.org/issues/360700873"},{"reference_url":"https://security.gentoo.org/glsa/202501-09","reference_id":"GLSA-202501-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-09"},{"reference_url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html","reference_id":"stable-channel-update-for-desktop_21.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-26T14:07:05Z/"}],"url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/203650?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3%3Farch=x86&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-7971"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3r3p-r3pn-8yhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45634?format=json","vulnerability_id":"VCID-71jp-wf9g-vuaz","summary":"Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7965.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7965","reference_id":"","reference_type":"","scores":[{"value":"0.22799","scoring_system":"epss","scoring_elements":"0.96005","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7965"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307087","reference_id":"2307087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307087"},{"reference_url":"https://issues.chromium.org/issues/356196918","reference_id":"356196918","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-31T03:55:29Z/"}],"url":"https://issues.chromium.org/issues/356196918"},{"reference_url":"https://security.gentoo.org/glsa/202501-09","reference_id":"GLSA-202501-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-09"},{"reference_url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html","reference_id":"stable-channel-update-for-desktop_21.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-31T03:55:29Z/"}],"url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/203650?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3%3Farch=x86&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-7965"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71jp-wf9g-vuaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46398?format=json","vulnerability_id":"VCID-q1az-85e1-k7hd","summary":"Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7966","reference_id":"","reference_type":"","scores":[{"value":"0.00853","scoring_system":"epss","scoring_elements":"0.75376","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7966"},{"reference_url":"https://issues.chromium.org/issues/355465305","reference_id":"355465305","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:23Z/"}],"url":"https://issues.chromium.org/issues/355465305"},{"reference_url":"https://security.gentoo.org/glsa/202501-09","reference_id":"GLSA-202501-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-09"},{"reference_url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html","reference_id":"stable-channel-update-for-desktop_21.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:23Z/"}],"url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/203650?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3%3Farch=x86&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-7966"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1az-85e1-k7hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46339?format=json","vulnerability_id":"VCID-yp2j-9t5g-dfe6","summary":"Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7974","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72355","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7974"},{"reference_url":"https://issues.chromium.org/issues/339141099","reference_id":"339141099","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:38:35Z/"}],"url":"https://issues.chromium.org/issues/339141099"},{"reference_url":"https://security.gentoo.org/glsa/202501-09","reference_id":"GLSA-202501-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-09"},{"reference_url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html","reference_id":"stable-channel-update-for-desktop_21.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:38:35Z/"}],"url":"https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/203650?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3%3Farch=x86&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-7974"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yp2j-9t5g-dfe6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r3%3Farch=x86&distroversion=v3.23&reponame=community"}