{"url":"http://public2.vulnerablecode.io/api/packages/2518?format=json","purl":"pkg:alpm/archlinux/linux@5.9.7.arch1-1","type":"alpm","namespace":"archlinux","name":"linux","version":"5.9.7.arch1-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.9.11.arch1-1","latest_non_vulnerable_version":"6.19.12-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80514?format=json","vulnerability_id":"VCID-hdbd-y3cp-17aw","summary":"Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8694.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8694","reference_id":"","reference_type":"","scores":[{"value":"0.00806","scoring_system":"epss","scoring_elements":"0.74505","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8694"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828580","reference_id":"1828580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828580"},{"reference_url":"https://security.archlinux.org/ASA-202011-10","reference_id":"ASA-202011-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-10"},{"reference_url":"https://security.archlinux.org/AVG-1269","reference_id":"AVG-1269","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1269"},{"reference_url":"https://security.archlinux.org/AVG-1273","reference_id":"AVG-1273","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1273"},{"reference_url":"https://security.archlinux.org/AVG-1274","reference_id":"AVG-1274","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1274"},{"reference_url":"https://security.archlinux.org/AVG-1275","reference_id":"AVG-1275","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1275"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/188474?format=json","purl":"pkg:alpm/archlinux/linux@5.9.8.arch1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bau-t3q4-2fdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux@5.9.8.arch1-1"}],"aliases":["CVE-2020-8694"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdbd-y3cp-17aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5687?format=json","vulnerability_id":"VCID-uq2t-erng-jbag","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16119.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16119","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24997","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886374","reference_id":"1886374","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886374"},{"reference_url":"https://security.archlinux.org/AVG-1244","reference_id":"AVG-1244","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1244"},{"reference_url":"https://security.archlinux.org/AVG-1245","reference_id":"AVG-1245","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1245"},{"reference_url":"https://security.archlinux.org/AVG-1246","reference_id":"AVG-1246","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1246"},{"reference_url":"https://security.archlinux.org/AVG-1247","reference_id":"AVG-1247","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1247"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2519?format=json","purl":"pkg:alpm/archlinux/linux@5.10.2.arch1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux@5.10.2.arch1-1"}],"aliases":["CVE-2020-16119"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uq2t-erng-jbag"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80428?format=json","vulnerability_id":"VCID-g2jv-jveq-2qc1","summary":"A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25704.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25704","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07499","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1895961","reference_id":"1895961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1895961"},{"reference_url":"https://security.archlinux.org/ASA-202011-10","reference_id":"ASA-202011-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-10"},{"reference_url":"https://security.archlinux.org/AVG-1268","reference_id":"AVG-1268","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1268"},{"reference_url":"https://security.archlinux.org/AVG-1269","reference_id":"AVG-1269","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1269"},{"reference_url":"https://security.archlinux.org/AVG-1270","reference_id":"AVG-1270","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1270"},{"reference_url":"https://security.archlinux.org/AVG-1271","reference_id":"AVG-1271","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1578","reference_id":"RHSA-2021:1578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1578"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1739","reference_id":"RHSA-2021:1739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2718","reference_id":"RHSA-2021:2718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2719","reference_id":"RHSA-2021:2719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0063","reference_id":"RHSA-2022:0063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0065","reference_id":"RHSA-2022:0065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0065"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2518?format=json","purl":"pkg:alpm/archlinux/linux@5.9.7.arch1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hdbd-y3cp-17aw"},{"vulnerability":"VCID-uq2t-erng-jbag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux@5.9.7.arch1-1"}],"aliases":["CVE-2020-25704"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2jv-jveq-2qc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80457?format=json","vulnerability_id":"VCID-hkct-xae7-euc8","summary":"A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28974.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28974.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28974","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18745","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28974"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903126","reference_id":"1903126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903126"},{"reference_url":"https://security.archlinux.org/AVG-1313","reference_id":"AVG-1313","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1313"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1578","reference_id":"RHSA-2021:1578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1578"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1739","reference_id":"RHSA-2021:1739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1739"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2518?format=json","purl":"pkg:alpm/archlinux/linux@5.9.7.arch1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hdbd-y3cp-17aw"},{"vulnerability":"VCID-uq2t-erng-jbag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux@5.9.7.arch1-1"}],"aliases":["CVE-2020-28974"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkct-xae7-euc8"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/linux@5.9.7.arch1-1"}