{"url":"http://public2.vulnerablecode.io/api/packages/291811?format=json","purl":"pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6?arch=riscv64&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"qt5-qtwebengine","version":"5.15.16-r6","qualifiers":{"arch":"riscv64","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.15.16-r7","latest_non_vulnerable_version":"5.15.17-r7","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58868?format=json","vulnerability_id":"VCID-6vnu-1u94-mka3","summary":"Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0808"},{"reference_url":"https://crbug.com/1504936","reference_id":"1504936","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/"}],"url":"https://crbug.com/1504936"},{"reference_url":"https://security.gentoo.org/glsa/202402-23","reference_id":"GLSA-202402-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-23"},{"reference_url":"https://security.gentoo.org/glsa/202405-14","reference_id":"GLSA-202405-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-14"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/","reference_id":"MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/"},{"reference_url":"https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html","reference_id":"stable-channel-update-for-desktop_23.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/"}],"url":"https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/","reference_id":"VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/291811?format=json","purl":"pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-0808"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vnu-1u94-mka3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54285?format=json","vulnerability_id":"VCID-xuzs-v398-jkb4","summary":"Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1283"},{"reference_url":"https://issues.chromium.org/issues/41494860","reference_id":"41494860","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/"}],"url":"https://issues.chromium.org/issues/41494860"},{"reference_url":"https://security.gentoo.org/glsa/202405-14","reference_id":"GLSA-202405-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-14"},{"reference_url":"https://security.gentoo.org/glsa/202507-07","reference_id":"GLSA-202507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-07"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/","reference_id":"KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/"},{"reference_url":"https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/"}],"url":"https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/","reference_id":"WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/291811?format=json","purl":"pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-1283"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuzs-v398-jkb4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r6%3Farch=riscv64&distroversion=v3.21&reponame=community"}