Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/304760?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "frr", "version": "10.3-3+deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "10.5.1-3", "latest_non_vulnerable_version": "10.6.1-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69554?format=api", "vulnerability_id": "VCID-1e1g-fprx-x3b2", "summary": "In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1942", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19509", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19466", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19396", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19514", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377", "reference_id": "1070377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278067", "reference_id": "2278067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278067" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15674/commits/34d704fb0ea60dc5063af477a2c11d4884984d4f", "reference_id": "34d704fb0ea60dc5063af477a2c11d4884984d4f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-20T16:32:25Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15674/commits/34d704fb0ea60dc5063af477a2c11d4884984d4f" }, { "reference_url": "https://usn.ubuntu.com/6794-1/", "reference_id": "USN-6794-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6794-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95797?format=api", "purl": "pkg:deb/debian/frr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95799?format=api", "purl": "pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-gq38-a2db-qygu" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95832?format=api", "purl": "pkg:deb/debian/frr@10.0.1-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.0.1-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-34088" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e1g-fprx-x3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69558?format=api", "vulnerability_id": "VCID-1e26-pytr-dfg8", "summary": "FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61099.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42113", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42157", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42168", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42139", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42104", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61099" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e", "reference_id": "0042fbe8ca5aba866b4f0d166e54066bba5ab14e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:21Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:21Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:21Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406601", "reference_id": "2406601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406601" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md", "reference_id": "CVE-2025-61099.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:21Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61099" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e26-pytr-dfg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69567?format=api", "vulnerability_id": "VCID-4rsu-buq4-mqg1", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:25Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:25Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406810", "reference_id": "2406810", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406810" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61107.md", "reference_id": "CVE-2025-61107.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:25Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61107.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:25Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61107" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rsu-buq4-mqg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69564?format=api", "vulnerability_id": "VCID-5s78-2276-bbam", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61104.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61104.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61104" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:40Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:40Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406820", "reference_id": "2406820", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406820" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61104.md", "reference_id": "CVE-2025-61104.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:40Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61104.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:40Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61104" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5s78-2276-bbam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69553?format=api", "vulnerability_id": "VCID-77u8-npxr-nue9", "summary": "In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25163", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25279", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25263", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25212", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25155", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31951" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377", "reference_id": "1070377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15674/", "reference_id": "15674", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:18:48Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15674/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273999", "reference_id": "2273999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273999" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15674/commits/344fb4be2bc27316c74b17003c05ea40be395836", "reference_id": "344fb4be2bc27316c74b17003c05ea40be395836", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:18:48Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15674/commits/344fb4be2bc27316c74b17003c05ea40be395836" }, { "reference_url": "https://usn.ubuntu.com/6794-1/", "reference_id": "USN-6794-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6794-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95797?format=api", "purl": "pkg:deb/debian/frr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95799?format=api", "purl": "pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-gq38-a2db-qygu" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95832?format=api", "purl": "pkg:deb/debian/frr@10.0.1-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.0.1-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31951" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77u8-npxr-nue9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64060?format=api", "vulnerability_id": "VCID-86kf-9g4x-jkgs", "summary": "FRRouting FRR: frr: FRRouting FRR: Improper access controls in EVPN Type-2 Route Handler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03823", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05148", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05149", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05143", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05105", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132329", "reference_id": "1132329", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132329" }, { "reference_url": "https://github.com/FRRouting/frr/pull/21098", "reference_id": "21098", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://github.com/FRRouting/frr/pull/21098" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452939", "reference_id": "2452939", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452939" }, { "reference_url": "https://vuldb.com/vuln/354132", "reference_id": "354132", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://vuldb.com/vuln/354132" }, { "reference_url": "https://github.com/FRRouting/frr/commit/7676cad65114aa23adde583d91d9d29e2debd045", "reference_id": "7676cad65114aa23adde583d91d9d29e2debd045", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://github.com/FRRouting/frr/commit/7676cad65114aa23adde583d91d9d29e2debd045" }, { "reference_url": "https://vuldb.com/submit/780123", "reference_id": "780123", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://vuldb.com/submit/780123" }, { "reference_url": "https://vuldb.com/vuln/354132/cti", "reference_id": "cti", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://vuldb.com/vuln/354132/cti" }, { "reference_url": "https://github.com/FRRouting/frr/", "reference_id": "frr", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:P/A:P/E:ND/RL:OF/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C" }, { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T16:01:58Z/" } ], "url": "https://github.com/FRRouting/frr/" }, { "reference_url": "https://usn.ubuntu.com/8175-1/", "reference_id": "USN-8175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95839?format=api", "purl": "pkg:deb/debian/frr@10.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-5107" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86kf-9g4x-jkgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69559?format=api", "vulnerability_id": "VCID-ak6d-y7f2-gbay", "summary": "FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61100.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61100" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:06Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:06Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406616", "reference_id": "2406616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406616" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/cda5ddac0940562d1dca7cbef34d0ce5b00f160b", "reference_id": "cda5ddac0940562d1dca7cbef34d0ce5b00f160b", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:06Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/cda5ddac0940562d1dca7cbef34d0ce5b00f160b" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61100.md", "reference_id": "CVE-2025-61100.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:07:06Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61100.md" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61100" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ak6d-y7f2-gbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61603?format=api", "vulnerability_id": "VCID-d3ht-2jch-qqfk", "summary": "FRRouting: frr: FRRouting: Denial of Service due to integer overflow in OSPF TLV parser functions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05683", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05703", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05689", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0569", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05648", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28532" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FRRouting/frr/pull/21002", "reference_id": "21002", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T16:36:13Z/" } ], "url": "https://github.com/FRRouting/frr/pull/21002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464230", "reference_id": "2464230", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464230" }, { "reference_url": "https://github.com/FRRouting/frr/commit/f098decf02987fbf1c891766c1516ac832adadfd", "reference_id": "f098decf02987fbf1c891766c1516ac832adadfd", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T16:36:13Z/" } ], "url": "https://github.com/FRRouting/frr/commit/f098decf02987fbf1c891766c1516ac832adadfd" }, { "reference_url": "https://github.com/FRRouting/frr/releases/tag/frr-10.5.3", "reference_id": "frr-10.5.3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T16:36:13Z/" } ], "url": "https://github.com/FRRouting/frr/releases/tag/frr-10.5.3" }, { "reference_url": "https://www.vulncheck.com/advisories/frrouting-integer-overflow-in-ospf-tlv-parser-functions", "reference_id": "frrouting-integer-overflow-in-ospf-tlv-parser-functions", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T16:36:13Z/" } ], "url": "https://www.vulncheck.com/advisories/frrouting-integer-overflow-in-ospf-tlv-parser-functions" }, { "reference_url": "https://usn.ubuntu.com/8376-1/", "reference_id": "USN-8376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8376-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95837?format=api", "purl": "pkg:deb/debian/frr@10.5.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28532" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3ht-2jch-qqfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69565?format=api", "vulnerability_id": "VCID-duhv-qc6g-ebcr", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61105.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42113", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42157", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42168", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42139", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42104", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61105" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61105", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61105" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:06:33Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:06:33Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406611", "reference_id": "2406611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406611" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61105.md", "reference_id": "CVE-2025-61105.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:06:33Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61105.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:06:33Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61105" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-duhv-qc6g-ebcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69552?format=api", "vulnerability_id": "VCID-ea5k-3hd6-zuhr", "summary": "In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55615", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55621", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55609", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31950" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377", "reference_id": "1070377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070377" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15674/", "reference_id": "15674", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:20:53Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15674/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273995", "reference_id": "2273995", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273995" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15674/commits/6b84541df71772f697a7f9e6b2aaf72536aab775", "reference_id": "6b84541df71772f697a7f9e6b2aaf72536aab775", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-09T19:20:53Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15674/commits/6b84541df71772f697a7f9e6b2aaf72536aab775" }, { "reference_url": "https://usn.ubuntu.com/6794-1/", "reference_id": "USN-6794-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6794-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95797?format=api", "purl": "pkg:deb/debian/frr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95799?format=api", "purl": "pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-gq38-a2db-qygu" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95832?format=api", "purl": "pkg:deb/debian/frr@10.0.1-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.0.1-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31950" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5k-3hd6-zuhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61588?format=api", "vulnerability_id": "VCID-gfnp-84dc-pkcg", "summary": "frr: denial of service via crafted FlowSpec component", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37457.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37457.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-37457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18029", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18124", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18086", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18011", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18122", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-37457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37457" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FRRouting/frr/commit/0e6882bc72c0278988a47b2f0f73b7a91099a25c", "reference_id": "0e6882bc72c0278988a47b2f0f73b7a91099a25c", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-01T18:15:57Z/" } ], "url": "https://github.com/FRRouting/frr/commit/0e6882bc72c0278988a47b2f0f73b7a91099a25c" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464548", "reference_id": "2464548", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24340", "reference_id": "RHSA-2026:24340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:24340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24347", "reference_id": "RHSA-2026:24347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:24347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24370", "reference_id": "RHSA-2026:24370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:24370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24371", "reference_id": "RHSA-2026:24371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:24371" }, { "reference_url": "https://usn.ubuntu.com/8376-1/", "reference_id": "USN-8376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8376-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95839?format=api", "purl": "pkg:deb/debian/frr@10.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-37457" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfnp-84dc-pkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69560?format=api", "vulnerability_id": "VCID-jjb7-va26-puhm", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61101" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:05:47Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:05:47Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406617", "reference_id": "2406617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406617" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61101.md", "reference_id": "CVE-2025-61101.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:05:47Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61101.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:05:47Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61101" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jjb7-va26-puhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69562?format=api", "vulnerability_id": "VCID-kve7-5efk-yfbh", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61102.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61102" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:03:40Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:03:40Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406618", "reference_id": "2406618", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406618" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61102.md", "reference_id": "CVE-2025-61102.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:03:40Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61102.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:03:40Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61102" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kve7-5efk-yfbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69531?format=api", "vulnerability_id": "VCID-ry1y-8ktt-9kg4", "summary": "A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2228", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22367", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22319", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22266", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2238", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042473", "reference_id": "1042473", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223668", "reference_id": "2223668", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T13:44:16Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223668" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3748", "reference_id": "CVE-2023-3748", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T13:44:16Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3748" }, { "reference_url": "https://usn.ubuntu.com/6240-1/", "reference_id": "USN-6240-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6240-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95797?format=api", "purl": "pkg:deb/debian/frr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95799?format=api", "purl": "pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-gq38-a2db-qygu" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95816?format=api", "purl": "pkg:deb/debian/frr@9.1-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@9.1-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-3748" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ry1y-8ktt-9kg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69548?format=api", "vulnerability_id": "VCID-uz6t-6g85-kucn", "summary": "ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23251", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23346", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23301", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23247", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2336", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065144", "reference_id": "1065144", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065144" }, { "reference_url": "https://github.com/FRRouting/frr/pull/15431", "reference_id": "15431", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T20:44:24Z/" } ], "url": "https://github.com/FRRouting/frr/pull/15431" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267347", "reference_id": "2267347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267347" }, { "reference_url": "https://usn.ubuntu.com/6679-1/", "reference_id": "USN-6679-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6679-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95797?format=api", "purl": "pkg:deb/debian/frr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95799?format=api", "purl": "pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-gq38-a2db-qygu" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95816?format=api", "purl": "pkg:deb/debian/frr@9.1-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@9.1-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-27913" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uz6t-6g85-kucn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61377?format=api", "vulnerability_id": "VCID-wmgu-n9kx-xygw", "summary": "frr: denial of service via crafted UPDATE message", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-37458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17911", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18008", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18006", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1797", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17892", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-37458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37458" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2465680", "reference_id": "2465680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2465680" }, { "reference_url": "https://github.com/FRRouting/frr/commit/8102a8aeceb9f86fdfe1f80cd77080522bab69c8", "reference_id": "8102a8aeceb9f86fdfe1f80cd77080522bab69c8", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T15:45:04Z/" } ], "url": "https://github.com/FRRouting/frr/commit/8102a8aeceb9f86fdfe1f80cd77080522bab69c8" }, { "reference_url": "https://github.com/mertsatilmaz/vulnerability-research/blob/main/advisories/CVE-2026-36365.md", "reference_id": "CVE-2026-36365.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T15:45:04Z/" } ], "url": "https://github.com/mertsatilmaz/vulnerability-research/blob/main/advisories/CVE-2026-36365.md" }, { "reference_url": "https://usn.ubuntu.com/8376-1/", "reference_id": "USN-8376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8376-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95839?format=api", "purl": "pkg:deb/debian/frr@10.6.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-37458" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmgu-n9kx-xygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69566?format=api", "vulnerability_id": "VCID-xdyd-phps-x7d9", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61106.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61106.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61106" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61106" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:32Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:32Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406821", "reference_id": "2406821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406821" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61106.md", "reference_id": "CVE-2025-61106.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:32Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61106.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:32Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61106" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdyd-phps-x7d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69563?format=api", "vulnerability_id": "VCID-z2uh-958p-8bdc", "summary": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61103.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61103.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50116", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50141", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50098", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61103" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61103", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61103" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292", "reference_id": "1119292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119292" }, { "reference_url": "https://github.com/FRRouting/frr/issues/19471", "reference_id": "19471", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:47Z/" } ], "url": "https://github.com/FRRouting/frr/issues/19471" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480", "reference_id": "19480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:47Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406814", "reference_id": "2406814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406814" }, { "reference_url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61103.md", "reference_id": "CVE-2025-61103.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:47Z/" } ], "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61103.md" }, { "reference_url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_id": "fdd957408605d4a1766225630aafc7e6b7c3daf3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-28T17:10:47Z/" } ], "url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3" }, { "reference_url": "https://usn.ubuntu.com/8046-1/", "reference_id": "USN-8046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/95796?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e1g-fprx-x3b2" }, { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-2fy7-pft4-yffq" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-5wb3-6rz8-wuff" }, { "vulnerability": "VCID-77u8-npxr-nue9" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-asv2-x64e-7udv" }, { "vulnerability": "VCID-bj2r-ymnb-6qf2" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-ea5k-3hd6-zuhr" }, { "vulnerability": "VCID-gfhp-9bcc-h3ca" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-j2jj-kd9s-9bbu" }, { "vulnerability": "VCID-jfwm-pr2w-ykbp" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-k2m7-dbg6-huec" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-r1pc-epmj-9keu" }, { "vulnerability": "VCID-ry1y-8ktt-9kg4" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-tggu-9fbg-pkcx" }, { "vulnerability": "VCID-uz6t-6g85-kucn" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304759?format=api", "purl": "pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95802?format=api", "purl": "pkg:deb/debian/frr@10.3-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1e26-pytr-dfg8" }, { "vulnerability": "VCID-4rsu-buq4-mqg1" }, { "vulnerability": "VCID-5s78-2276-bbam" }, { "vulnerability": "VCID-86kf-9g4x-jkgs" }, { "vulnerability": "VCID-ak6d-y7f2-gbay" }, { "vulnerability": "VCID-d3ht-2jch-qqfk" }, { "vulnerability": "VCID-duhv-qc6g-ebcr" }, { "vulnerability": "VCID-gfnp-84dc-pkcg" }, { "vulnerability": "VCID-jjb7-va26-puhm" }, { "vulnerability": "VCID-kve7-5efk-yfbh" }, { "vulnerability": "VCID-t56j-cqpc-1kac" }, { "vulnerability": "VCID-wmgu-n9kx-xygw" }, { "vulnerability": "VCID-xdyd-phps-x7d9" }, { "vulnerability": "VCID-z2uh-958p-8bdc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/304760?format=api", "purl": "pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95836?format=api", "purl": "pkg:deb/debian/frr@10.5.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.5.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95800?format=api", "purl": "pkg:deb/debian/frr@10.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95801?format=api", "purl": "pkg:deb/debian/frr@10.6.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61103" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2uh-958p-8bdc" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie" }