{"url":"http://public2.vulnerablecode.io/api/packages/293237?format=json","purl":"pkg:apk/alpine/dino@0.4.2-r0?arch=armhf&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"dino","version":"0.4.2-r0","qualifiers":{"arch":"armhf","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/134169?format=json","vulnerability_id":"VCID-8e7e-a1bq-f3gc","summary":"Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28686","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40483","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40675","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40651","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28686"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033370","reference_id":"1033370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033370"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQLCEUZS5GPHUQMS7C6W2NS3PHYUFHYF/","reference_id":"BQLCEUZS5GPHUQMS7C6W2NS3PHYUFHYF","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:41:42Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQLCEUZS5GPHUQMS7C6W2NS3PHYUFHYF/"},{"reference_url":"https://dino.im/security/cve-2023-28686/","reference_id":"cve-2023-28686","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:41:42Z/"}],"url":"https://dino.im/security/cve-2023-28686/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5379","reference_id":"dsa-5379","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:41:42Z/"}],"url":"https://www.debian.org/security/2023/dsa-5379"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOH6NYTLPM52MDIR2IRVUR3REDVWZV6N/","reference_id":"GOH6NYTLPM52MDIR2IRVUR3REDVWZV6N","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:41:42Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOH6NYTLPM52MDIR2IRVUR3REDVWZV6N/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IIWXAK656EHSRIRUHLPBE3AX2I4TMH7M/","reference_id":"IIWXAK656EHSRIRUHLPBE3AX2I4TMH7M","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T21:41:42Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IIWXAK656EHSRIRUHLPBE3AX2I4TMH7M/"},{"reference_url":"https://usn.ubuntu.com/7430-1/","reference_id":"USN-7430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7430-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/293237?format=json","purl":"pkg:apk/alpine/dino@0.4.2-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dino@0.4.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2023-28686"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8e7e-a1bq-f3gc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dino@0.4.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}