{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","type":"deb","namespace":"debian","name":"erlang","version":"1:27.3.4.11+dfsg-7","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:27.3.4.12+dfsg-1","latest_non_vulnerable_version":"1:27.3.4.12+dfsg-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86870?format=json","vulnerability_id":"VCID-1py9-5tap-d7fv","summary":"Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.  In lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.  Any party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim's trust store, can use that certificate's private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.  This issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42789","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08507","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db","reference_id":"471cd2f664300a95353c467873800bbe706005db","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db"},{"reference_url":"https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd","reference_id":"59c8d824386b2eb1614ff9340624843ef6aca0fd","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-42789.html","reference_id":"CVE-2026-42789.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-42789.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-42789","reference_id":"EEF-CVE-2026-42789","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-42789"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq","reference_id":"GHSA-c99q-jmpx-v8qq","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:41:47Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-42789"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1py9-5tap-d7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87872?format=json","vulnerability_id":"VCID-7xvh-aqcu-uyb4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42791","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18653","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42791"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/7995f1fdaee3da569bb810358ce0f546471d169b","reference_id":"7995f1fdaee3da569bb810358ce0f546471d169b","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://github.com/erlang/otp/commit/7995f1fdaee3da569bb810358ce0f546471d169b"},{"reference_url":"https://github.com/erlang/otp/commit/b3870e02405c709a872b01ba6086065620cdfe76","reference_id":"b3870e02405c709a872b01ba6086065620cdfe76","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://github.com/erlang/otp/commit/b3870e02405c709a872b01ba6086065620cdfe76"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-42791.html","reference_id":"CVE-2026-42791.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-42791.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-42791","reference_id":"EEF-CVE-2026-42791","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-42791"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff","reference_id":"GHSA-cjxj-wj6x-3fff","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:40:27Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-42791"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xvh-aqcu-uyb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86871?format=json","vulnerability_id":"VCID-8a5v-tu8j-7kfe","summary":"Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification.  Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com):  First, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName.  Second, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback.  The result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher.  This issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42790","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08507","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/0769050c69d73762672b0db1347b6993a5b31759","reference_id":"0769050c69d73762672b0db1347b6993a5b31759","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://github.com/erlang/otp/commit/0769050c69d73762672b0db1347b6993a5b31759"},{"reference_url":"https://github.com/erlang/otp/commit/21abed64eb2026b5f82f432709e4e932f9be389a","reference_id":"21abed64eb2026b5f82f432709e4e932f9be389a","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://github.com/erlang/otp/commit/21abed64eb2026b5f82f432709e4e932f9be389a"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-42790.html","reference_id":"CVE-2026-42790.html","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-42790.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-42790","reference_id":"EEF-CVE-2026-42790","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-42790"},{"reference_url":"https://github.com/erlang/otp/commit/fb67c6d1836f51105a96d8b769e71e4215a79457","reference_id":"fb67c6d1836f51105a96d8b769e71e4215a79457","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://github.com/erlang/otp/commit/fb67c6d1836f51105a96d8b769e71e4215a79457"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447","reference_id":"GHSA-22cw-4ph4-6447","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T17:31:50Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-42790"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8a5v-tu8j-7kfe"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61741?format=json","vulnerability_id":"VCID-154j-a76j-zbfz","summary":"erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000385.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000385","reference_id":"","reference_type":"","scores":[{"value":"0.83321","scoring_system":"epss","scoring_elements":"0.99287","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1520400","reference_id":"1520400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1520400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0242","reference_id":"RHSA-2018:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0303","reference_id":"RHSA-2018:0303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0368","reference_id":"RHSA-2018:0368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0528","reference_id":"RHSA-2018:0528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0528"},{"reference_url":"https://usn.ubuntu.com/3571-1/","reference_id":"USN-3571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3571-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343097?format=json","purl":"pkg:deb/debian/erlang@1:20.1.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:20.1.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-1000385"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-154j-a76j-zbfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23629?format=json","vulnerability_id":"VCID-3qbz-kpqk-27ce","summary":"erlang: KEX init error results with excessive memory usage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30211.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30211.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30211","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35831","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30211"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101713","reference_id":"1101713","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101713"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355785","reference_id":"2355785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355785"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc","reference_id":"GHSA-vvr3-fjhh-cfwc","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:10:23Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc"},{"reference_url":"https://usn.ubuntu.com/7425-1/","reference_id":"USN-7425-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7425-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343104?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343103?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343108?format=json","purl":"pkg:deb/debian/erlang@1:27.3.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-30211"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qbz-kpqk-27ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6789?format=json","vulnerability_id":"VCID-4ny1-ztaq-yudj","summary":"erlang/otp: Erlang/OTP kernel: DNS cache poisoning via predictable DNS transaction IDs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28810.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28810","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14848","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455868","reference_id":"2455868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455868"},{"reference_url":"https://github.com/erlang/otp/commit/36f23c9d2cc54afe83671dd7343596d7972839a5","reference_id":"36f23c9d2cc54afe83671dd7343596d7972839a5","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://github.com/erlang/otp/commit/36f23c9d2cc54afe83671dd7343596d7972839a5"},{"reference_url":"https://github.com/erlang/otp/commit/b057a9d995017b1be50d6dc02edd52382f3231b8","reference_id":"b057a9d995017b1be50d6dc02edd52382f3231b8","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://github.com/erlang/otp/commit/b057a9d995017b1be50d6dc02edd52382f3231b8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-28810.html","reference_id":"CVE-2026-28810.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-28810.html"},{"reference_url":"https://github.com/erlang/otp/commit/dd15e8eb03548c5e55e9915f0e91389ec6bad9fd","reference_id":"dd15e8eb03548c5e55e9915f0e91389ec6bad9fd","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://github.com/erlang/otp/commit/dd15e8eb03548c5e55e9915f0e91389ec6bad9fd"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-28810","reference_id":"EEF-CVE-2026-28810","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-28810"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-v884-5jg5-whj8","reference_id":"GHSA-v884-5jg5-whj8","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-v884-5jg5-whj8"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343117?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-28810"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ny1-ztaq-yudj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6787?format=json","vulnerability_id":"VCID-4qr6-9z6u-ekb3","summary":"Erlang OTP: Erlang OTP public_key: OCSP authorization bypass and information disclosure due to missing signature verification","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32144.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32144","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12022","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455896","reference_id":"2455896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455896"},{"reference_url":"https://github.com/erlang/otp/commit/49033a6d93a5be0ee0dce04e1fb8b4ae7de1e0c0","reference_id":"49033a6d93a5be0ee0dce04e1fb8b4ae7de1e0c0","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://github.com/erlang/otp/commit/49033a6d93a5be0ee0dce04e1fb8b4ae7de1e0c0"},{"reference_url":"https://github.com/erlang/otp/commit/ac7ff528be857c5d35eb29c7f24106e3a16d4891","reference_id":"ac7ff528be857c5d35eb29c7f24106e3a16d4891","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://github.com/erlang/otp/commit/ac7ff528be857c5d35eb29c7f24106e3a16d4891"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-32144.html","reference_id":"CVE-2026-32144.html","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-32144.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-32144","reference_id":"EEF-CVE-2026-32144","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-32144"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-gxrm-pf64-99xm","reference_id":"GHSA-gxrm-pf64-99xm","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-gxrm-pf64-99xm"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:15:14Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343101?format=json","purl":"pkg:deb/debian/erlang@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343117?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-32144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qr6-9z6u-ekb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86686?format=json","vulnerability_id":"VCID-57pa-s4pz-ukbc","summary":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal.  This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines ssh_sftpd:is_within_root/2.  The SFTP server uses string prefix matching via lists:prefix/2 rather than proper path component validation when checking if a path is within the configured root directory. This allows authenticated users to access sibling directories that share a common name prefix with the configured root directory. For example, if root is set to /home/user1, paths like /home/user10 or /home/user1_backup would incorrectly be considered within the root.  This issue affects OTP from OTP 17.0 until OTP 28.4.1, OTP 27.3.4.9 and OTP 26.2.5.18, corresponding to ssh from 3.0.1 until 5.5.1, 5.2.11.6 and 5.1.4.14.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23942","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11833","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23942"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912","reference_id":"1130912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912"},{"reference_url":"https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b","reference_id":"27688a824f753d4c16371dc70e88753fb410590b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b"},{"reference_url":"https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759","reference_id":"5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759"},{"reference_url":"https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28","reference_id":"9e0ac85d3485e7898e0da88a14be0ee2310a3b28","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-23942.html","reference_id":"CVE-2026-23942.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-23942.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-23942","reference_id":"EEF-CVE-2026-23942","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-23942"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h","reference_id":"GHSA-4749-w85x-hw9h","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343114?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343116?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-23942"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57pa-s4pz-ukbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63969?format=json","vulnerability_id":"VCID-5vxe-1smj-fyck","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46712","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61328","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46712"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104963","reference_id":"1104963","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104963"},{"reference_url":"https://github.com/erlang/otp/commit/e4b56a9f4a511aa9990dd86c16c61439c828df83","reference_id":"e4b56a9f4a511aa9990dd86c16c61439c828df83","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/"}],"url":"https://github.com/erlang/otp/commit/e4b56a9f4a511aa9990dd86c16c61439c828df83"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-934x-xq38-hhqf","reference_id":"GHSA-934x-xq38-hhqf","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-934x-xq38-hhqf"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-25.3.2.21","reference_id":"OTP-25.3.2.21","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-25.3.2.21"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.5.12","reference_id":"OTP-26.2.5.12","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.5.12"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-27.3.4","reference_id":"OTP-27.3.4","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-27.3.4"},{"reference_url":"https://usn.ubuntu.com/7656-1/","reference_id":"USN-7656-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7656-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343110?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343111?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-46712"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vxe-1smj-fyck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18259?format=json","vulnerability_id":"VCID-64dr-ju62-67hf","summary":"erlang: Erlang Excessive Use of System Resources","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48038","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43755","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/pull/10156","reference_id":"10156","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://github.com/erlang/otp/pull/10156"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093","reference_id":"1115093","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394522","reference_id":"2394522","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394522"},{"reference_url":"https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a","reference_id":"4e3bf86777ab3db7220c11d8ddabf15970ddd10a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2025-48038.html","reference_id":"CVE-2025-48038.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://cna.erlef.org/cves/CVE-2025-48038.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2025-48038","reference_id":"EEF-CVE-2025-48038","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2025-48038"},{"reference_url":"https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f","reference_id":"f09e0201ff701993dc24a08f15e524daf72db42f","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r","reference_id":"GHSA-pvj7-9652-7h9r","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r"},{"reference_url":"https://usn.ubuntu.com/7831-1/","reference_id":"USN-7831-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7831-1/"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343112?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343095?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343094?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48038"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-64dr-ju62-67hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46110?format=json","vulnerability_id":"VCID-67vj-n9pk-cyh3","summary":"erlang: accepts and trusts an invalid X.509 certificate chain","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35733.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35733.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35733","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38166","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35733"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918203","reference_id":"1918203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918203"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980199","reference_id":"980199","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980199"},{"reference_url":"https://security.archlinux.org/ASA-202101-39","reference_id":"ASA-202101-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-39"},{"reference_url":"https://security.archlinux.org/AVG-1457","reference_id":"AVG-1457","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1457"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343100?format=json","purl":"pkg:deb/debian/erlang@1:23.2.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-35733"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67vj-n9pk-cyh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86687?format=json","vulnerability_id":"VCID-6efn-es4z-4udt","summary":"Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion.  The SSH transport layer advertises legacy zlib compression by default and inflates attacker-controlled payloads pre-authentication without any size limit, enabling reliable memory exhaustion DoS.  Two compression algorithms are affected:  * zlib: Activates immediately after key exchange, enabling unauthenticated attacks * zlib@openssh.com: Activates post-authentication, enabling authenticated attacks  Each SSH packet can decompress ~255 MB from 256 KB of wire data (1029:1 amplification ratio). Multiple packets can rapidly exhaust available memory, causing OOM kills in memory-constrained environments.  This vulnerability is associated with program files lib/ssh/src/ssh_transport.erl and program routines ssh_transport:decompress/2, ssh_transport:handle_packet_part/4.  This issue affects OTP from OTP 17.0 until OTP 28.4.1, 27.3.4.9 and 26.2.5.18 corresponding to ssh from 3.0.1 until 5.5.1, 5.2.11.6 and 5.1.4.14.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23943","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20413","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23943"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4","reference_id":"0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912","reference_id":"1130912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912"},{"reference_url":"https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1","reference_id":"43a87b949bdff12d629a8c34146711d9da93b1b1","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1"},{"reference_url":"https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3","reference_id":"93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-23943.html","reference_id":"CVE-2026-23943.html","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-23943.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-23943","reference_id":"EEF-CVE-2026-23943","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-23943"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r","reference_id":"GHSA-c836-qprm-jw9r","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343114?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343116?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-23943"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6efn-es4z-4udt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81799?format=json","vulnerability_id":"VCID-6pzt-ec8d-t7h5","summary":"Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1693","reference_id":"","reference_type":"","scores":[{"value":"0.00588","scoring_system":"epss","scoring_elements":"0.69439","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738132","reference_id":"738132","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738132"},{"reference_url":"https://usn.ubuntu.com/3571-1/","reference_id":"USN-3571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3571-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343091?format=json","purl":"pkg:deb/debian/erlang@1:16.b.3.1-dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:16.b.3.1-dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-1693"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzt-ec8d-t7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81113?format=json","vulnerability_id":"VCID-7xus-u1y7-3uap","summary":"The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0766","reference_id":"","reference_type":"","scores":[{"value":"0.03371","scoring_system":"epss","scoring_elements":"0.87568","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628456","reference_id":"628456","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628456"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343085?format=json","purl":"pkg:deb/debian/erlang@1:14.b.3-dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:14.b.3-dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-0766"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xus-u1y7-3uap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18256?format=json","vulnerability_id":"VCID-8n22-d5uj-wkdm","summary":"erlang: Erlang Exhaustion of File Handles","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48041","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43755","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/pull/10157","reference_id":"10157","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://github.com/erlang/otp/pull/10157"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090","reference_id":"1115090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394520","reference_id":"2394520","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394520"},{"reference_url":"https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288","reference_id":"5f9af63eec4657a37663828d206517828cb9f288","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2025-48041.html","reference_id":"CVE-2025-48041.html","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://cna.erlef.org/cves/CVE-2025-48041.html"},{"reference_url":"https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401","reference_id":"d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2025-48041","reference_id":"EEF-CVE-2025-48041","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2025-48041"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3","reference_id":"GHSA-79c4-cvv7-4qm3","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3"},{"reference_url":"https://usn.ubuntu.com/7831-1/","reference_id":"USN-7831-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7831-1/"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343112?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343095?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343094?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48041"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8n22-d5uj-wkdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41193?format=json","vulnerability_id":"VCID-a6m2-yp7x-mbfs","summary":"erlang/otp: Client Authentication Bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37026.json","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37026.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37026","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40266","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37026"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024632","reference_id":"1024632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024632"},{"reference_url":"https://erlangforums.com/t/otp-25-1-released/1854","reference_id":"1854","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:29:58Z/"}],"url":"https://erlangforums.com/t/otp-25-1-released/1854"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141802","reference_id":"2141802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141802"},{"reference_url":"https://erlangforums.com/c/erlang-news-announcements/91","reference_id":"91","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:29:58Z/"}],"url":"https://erlangforums.com/c/erlang-news-announcements/91"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:29:58Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00012.html"},{"reference_url":"https://github.com/erlang/otp/compare/OTP-23.3.4.14...OTP-23.3.4.15","reference_id":"OTP-23.3.4.14...OTP-23.3.4.15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:29:58Z/"}],"url":"https://github.com/erlang/otp/compare/OTP-23.3.4.14...OTP-23.3.4.15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8857","reference_id":"RHSA-2022:8857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8857"},{"reference_url":"https://usn.ubuntu.com/6059-1/","reference_id":"USN-6059-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6059-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343102?format=json","purl":"pkg:deb/debian/erlang@1:24.3.4.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:24.3.4.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-37026"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a6m2-yp7x-mbfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70343?format=json","vulnerability_id":"VCID-bhqe-322z-xqhq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32433","reference_id":"","reference_type":"","scores":[{"value":"0.59722","scoring_system":"epss","scoring_elements":"0.98287","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32433"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12","reference_id":"0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/"}],"url":"https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103442","reference_id":"1103442","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103442"},{"reference_url":"https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f","reference_id":"6eef04130afc8b0ccb63c9a0d8650209cf54892f","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/"}],"url":"https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f"},{"reference_url":"https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891","reference_id":"b1924d37fd83c070055beb115d5d6a6a9490b891","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/"}],"url":"https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2","reference_id":"GHSA-37cp-fgq5-7wc2","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2"},{"reference_url":"https://usn.ubuntu.com/7443-1/","reference_id":"USN-7443-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7443-1/"},{"reference_url":"https://usn.ubuntu.com/7443-2/","reference_id":"USN-7443-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7443-2/"},{"reference_url":"https://usn.ubuntu.com/7443-3/","reference_id":"USN-7443-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7443-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343104?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343103?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343109?format=json","purl":"pkg:deb/debian/erlang@1:27.3.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-32433"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhqe-322z-xqhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46829?format=json","vulnerability_id":"VCID-bkyt-f23n-ukfu","summary":"Erlang/OTP: allows attackers to read arbitrary files via a crafted HTTP request","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25623.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25623","reference_id":"","reference_type":"","scores":[{"value":"0.00934","scoring_system":"epss","scoring_elements":"0.76477","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25623"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1885311","reference_id":"1885311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1885311"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343099?format=json","purl":"pkg:deb/debian/erlang@1:23.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25623"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkyt-f23n-ukfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18257?format=json","vulnerability_id":"VCID-d2mt-nbtf-b3fy","summary":"erlang: Erlang Excessive Resource Consumption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48040.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48040.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48040","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43946","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48040"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/pull/10162","reference_id":"10162","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://github.com/erlang/otp/pull/10162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115091","reference_id":"1115091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115091"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394521","reference_id":"2394521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394521"},{"reference_url":"https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a","reference_id":"548f1295d86d0803da884db8685cc16d461d0d5a","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a"},{"reference_url":"https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a","reference_id":"7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2025-48040.html","reference_id":"CVE-2025-48040.html","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://cna.erlef.org/cves/CVE-2025-48040.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2025-48040","reference_id":"EEF-CVE-2025-48040","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2025-48040"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph","reference_id":"GHSA-h7rg-6rjg-4cph","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph"},{"reference_url":"https://usn.ubuntu.com/7831-1/","reference_id":"USN-7831-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7831-1/"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343095?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343094?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48040"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d2mt-nbtf-b3fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51124?format=json","vulnerability_id":"VCID-h7x2-fxke-tkdp","summary":"erlang: allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy serve","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000107.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000107","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60933","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115086","reference_id":"1115086","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1824460","reference_id":"1824460","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1824460"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343095?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343094?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1000107"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7x2-fxke-tkdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65229?format=json","vulnerability_id":"VCID-he8m-w61m-b7c4","summary":"erlang: Heap-buffer overflow via regular expressions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10253.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10253","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50909","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10253"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1433985","reference_id":"1433985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1433985"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858313","reference_id":"858313","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858313"},{"reference_url":"https://usn.ubuntu.com/3571-1/","reference_id":"USN-3571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3571-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343096?format=json","purl":"pkg:deb/debian/erlang@1:19.2.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:19.2.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-10253"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-he8m-w61m-b7c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82016?format=json","vulnerability_id":"VCID-k8x8-z9nh-gug2","summary":"Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2774","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.6749","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2774"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781839","reference_id":"781839","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781839"},{"reference_url":"https://usn.ubuntu.com/3571-1/","reference_id":"USN-3571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3571-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343093?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-2774"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8x8-z9nh-gug2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83649?format=json","vulnerability_id":"VCID-mfnh-3d2j-9qfm","summary":"yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12872","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09897","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12872"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12872","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343098?format=json","purl":"pkg:deb/debian/erlang@1:21.2.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:21.2.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12872"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfnh-3d2j-9qfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74348?format=json","vulnerability_id":"VCID-nr5s-ac3b-xfeb","summary":"arbitrary file overwrite","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4748","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59368","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939","reference_id":"1107939","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939"},{"reference_url":"https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5","reference_id":"578d4001575aa7647ea1efd4b2b7e3afadcc99a5","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5"},{"reference_url":"https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f","reference_id":"5a55feec10c9b69189d56723d8f237afa58d5d4f","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f"},{"reference_url":"https://github.com/erlang/otp/pull/9941","reference_id":"9941","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://github.com/erlang/otp/pull/9941"},{"reference_url":"https://security.archlinux.org/AVG-2900","reference_id":"AVG-2900","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2900"},{"reference_url":"https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f","reference_id":"ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2025-4748.html","reference_id":"CVE-2025-4748.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://cna.erlef.org/cves/CVE-2025-4748.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2025-4748","reference_id":"EEF-CVE-2025-4748","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2025-4748"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc","reference_id":"GHSA-9g37-pgj9-wrhc","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc"},{"reference_url":"https://usn.ubuntu.com/7656-1/","reference_id":"USN-7656-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7656-1/"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343112?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343110?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343113?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-4748"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr5s-ac3b-xfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86685?format=json","vulnerability_id":"VCID-nwj4-gjte-qyhd","summary":"Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling.  This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl and program routines httpd_request:parse_headers/7.  The server does not reject or normalize duplicate Content-Length headers. The earliest Content-Length in the request is used for body parsing while common reverse proxies (nginx, Apache httpd, Envoy) honor the last Content-Length value. This violates RFC 9112 Section 6.3 and allows front-end/back-end desynchronization, leaving attacker-controlled bytes queued as the start of the next request.  This issue affects OTP from OTP 17.0 until OTP 28.4.1, OTP 27.3.4.9 and OTP 26.2.5.18, corresponding to inets from 5.10 until 9.6.1, 9.3.2.3 and 9.1.0.5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23941","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09966","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23941"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912","reference_id":"1130912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912"},{"reference_url":"https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18","reference_id":"a4b46336fd25aa100ac602eb9a627aaead7eda18","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18"},{"reference_url":"https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b","reference_id":"a761d391d8d08316cbd7d4a86733ba932b73c45b","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-23941.html","reference_id":"CVE-2026-23941.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-23941.html"},{"reference_url":"https://github.com/erlang/otp/commit/e775a332f623851385ab6ddb866d9b150612ddf6","reference_id":"e775a332f623851385ab6ddb866d9b150612ddf6","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://github.com/erlang/otp/commit/e775a332f623851385ab6ddb866d9b150612ddf6"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-23941","reference_id":"EEF-CVE-2026-23941","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-23941"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7","reference_id":"GHSA-w4jc-9wpv-pqh7","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343114?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343116?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-23941"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwj4-gjte-qyhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89943?format=json","vulnerability_id":"VCID-py26-h7q6-6yd1","summary":"A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with \"erlsrv.exe\" to execute arbitrary code as Local System. This can occur only under specific conditions on Windows with unsafe filesystem permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29221","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11939","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343101?format=json","purl":"pkg:deb/debian/erlang@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-29221"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-py26-h7q6-6yd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86740?format=json","vulnerability_id":"VCID-qqzg-7f84-4fhz","summary":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to modify file attributes outside the configured chroot directory.  The SFTP daemon (ssh_sftpd) stores the raw, user-supplied path in file handles instead of the chroot-resolved path. When SSH_FXP_FSETSTAT is issued on such a handle, file attributes (permissions, ownership, timestamps) are modified on the real filesystem path, bypassing the root directory boundary entirely.  Any authenticated SFTP user on a server configured with the root option can modify file attributes of files outside the intended chroot boundary. The prerequisite is that a target file must exist on the real filesystem at the same relative path. Note that this vulnerability only allows modification of file attributes; file contents cannot be read or altered through this attack vector.  If the SSH daemon runs as root, this enables direct privilege escalation: an attacker can set the setuid bit on any binary, change ownership of sensitive files, or make system configuration world-writable.  This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines ssh_sftpd:do_open/4 and ssh_sftpd:handle_op/4.  This issue affects OTP from OTP 17.0 until OTP 28.4.3, 27.3.4.11, and 26.2.5.20 corresponding to ssh from 3.01 until 5.5.3, 5.2.11.7, and 5.1.4.15.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32147","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05173","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/28c5d5a6c5f873dc701b597276271763e7d1c004","reference_id":"28c5d5a6c5f873dc701b597276271763e7d1c004","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T13:11:06Z/"}],"url":"https://github.com/erlang/otp/commit/28c5d5a6c5f873dc701b597276271763e7d1c004"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-32147.html","reference_id":"CVE-2026-32147.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T13:11:06Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-32147.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-32147","reference_id":"EEF-CVE-2026-32147","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T13:11:06Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-32147"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-28jg-mw9x-hpm5","reference_id":"GHSA-28jg-mw9x-hpm5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T13:11:06Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-28jg-mw9x-hpm5"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T13:11:06Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343118?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-32147"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqzg-7f84-4fhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27349?format=json","vulnerability_id":"VCID-r7kk-7uc2-zyab","summary":"erlang: ssl fails to validate incorrect extened key usage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53846.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53846","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18039","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53846"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330624","reference_id":"2330624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330624"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-qw6r-qh9v-638v","reference_id":"GHSA-qw6r-qh9v-638v","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-06T16:04:29Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-qw6r-qh9v-638v"},{"reference_url":"https://usn.ubuntu.com/7961-1/","reference_id":"USN-7961-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7961-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343101?format=json","purl":"pkg:deb/debian/erlang@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343106?format=json","purl":"pkg:deb/debian/erlang@1:27.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2024-53846"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7kk-7uc2-zyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36114?format=json","vulnerability_id":"VCID-t139-hf7z-sfbc","summary":"ssh: Prefix truncation attack on Binary Packet Protocol (BPP)","references":[{"reference_url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-48795"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"0.54214","scoring_system":"epss","scoring_elements":"0.98062","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"},{"reference_url":"https://bugs.gentoo.org/920280","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugs.gentoo.org/920280"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-364175.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-364175.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-769027.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-769027.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-794697.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-794697.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-915275.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-915275.html"},{"reference_url":"https://crates.io/crates/thrussh/versions","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://crates.io/crates/thrussh/versions"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Mar/21","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Mar/21"},{"reference_url":"https://filezilla-project.org/versions.php","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://filezilla-project.org/versions.php"},{"reference_url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-45x7-px36-x8w8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://github.com/apache/mina-sshd/issues/445","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/apache/mina-sshd/issues/445"},{"reference_url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"},{"reference_url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"},{"reference_url":"https://github.com/cyd01/KiTTY/issues/520","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/cyd01/KiTTY/issues/520"},{"reference_url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"},{"reference_url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1"},{"reference_url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"},{"reference_url":"https://github.com/hierynomus/sshj/issues/916","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/hierynomus/sshj/issues/916"},{"reference_url":"https://github.com/janmojzis/tinyssh/issues/81","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/janmojzis/tinyssh/issues/81"},{"reference_url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"},{"reference_url":"https://github.com/libssh2/libssh2/pull/1291","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/libssh2/libssh2/pull/1291"},{"reference_url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"},{"reference_url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"},{"reference_url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"},{"reference_url":"https://github.com/mwiede/jsch/issues/457","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/issues/457"},{"reference_url":"https://github.com/mwiede/jsch/pull/461","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/pull/461"},{"reference_url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"},{"reference_url":"https://github.com/NixOS/nixpkgs/pull/275249","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/NixOS/nixpkgs/pull/275249"},{"reference_url":"https://github.com/openssh/openssh-portable/commits/master","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/openssh/openssh-portable/commits/master"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/paramiko/paramiko/issues/2337"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"},{"reference_url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/issues/456","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/issues/456"},{"reference_url":"https://github.com/rapier1/hpn-ssh/releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/rapier1/hpn-ssh/releases"},{"reference_url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"},{"reference_url":"https://github.com/ronf/asyncssh/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/tags"},{"reference_url":"https://github.com/ssh-mitm/ssh-mitm/issues/165","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ssh-mitm/ssh-mitm/issues/165"},{"reference_url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"},{"reference_url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"},{"reference_url":"https://github.com/warp-tech/russh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh"},{"reference_url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951"},{"reference_url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2"},{"reference_url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://gitlab.com/libssh/libssh-mirror/-/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://gitlab.com/libssh/libssh-mirror/-/tags"},{"reference_url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"},{"reference_url":"https://go.dev/cl/550715","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/550715"},{"reference_url":"https://go.dev/issue/64784","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/64784"},{"reference_url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"},{"reference_url":"https://help.panic.com/releasenotes/transmit5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://help.panic.com/releasenotes/transmit5"},{"reference_url":"https://help.panic.com/releasenotes/transmit5/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://help.panic.com/releasenotes/transmit5/"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://matt.ucc.asn.au/dropbear/CHANGES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://matt.ucc.asn.au/dropbear/CHANGES"},{"reference_url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"},{"reference_url":"https://news.ycombinator.com/item?id=38684904","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38684904"},{"reference_url":"https://news.ycombinator.com/item?id=38685286","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38685286"},{"reference_url":"https://news.ycombinator.com/item?id=38732005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38732005"},{"reference_url":"https://nova.app/releases/#v11.8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nova.app/releases/#v11.8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795"},{"reference_url":"https://oryx-embedded.com/download/#changelog","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://oryx-embedded.com/download/#changelog"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"},{"reference_url":"https://roumenpetrov.info/secsh/#news20231220","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://roumenpetrov.info/secsh/#news20231220"},{"reference_url":"https://security.gentoo.org/glsa/202312-16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-16"},{"reference_url":"https://security.gentoo.org/glsa/202312-17","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-48795"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/libssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/libssh2"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"},{"reference_url":"https://support.apple.com/kb/HT214084","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://support.apple.com/kb/HT214084"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway"},{"reference_url":"https://twitter.com/TrueSkrillor/status/1736774389725565005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://twitter.com/TrueSkrillor/status/1736774389725565005"},{"reference_url":"https://ubuntu.com/security/CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://ubuntu.com/security/CVE-2023-48795"},{"reference_url":"https://winscp.net/eng/docs/history#6.2.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://winscp.net/eng/docs/history#6.2.2"},{"reference_url":"https://www.bitvise.com/ssh-client-version-history#933","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-client-version-history#933"},{"reference_url":"https://www.bitvise.com/ssh-server-version-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-server-version-history"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"},{"reference_url":"https://www.debian.org/security/2023/dsa-5586","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5586"},{"reference_url":"https://www.debian.org/security/2023/dsa-5588","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5588"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"},{"reference_url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netsarang.com/en/xshell-update-history"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.netsarang.com/en/xshell-update-history/"},{"reference_url":"https://www.openssh.com/openbsd.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/openbsd.html"},{"reference_url":"https://www.openssh.com/txt/release-9.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/txt/release-9.6"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/18/2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/18/2"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"https://www.paramiko.org/changelog.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.paramiko.org/changelog.html"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"},{"reference_url":"https://www.terrapin-attack.com","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.terrapin-attack.com"},{"reference_url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh"},{"reference_url":"https://www.vandyke.com/products/securecrt/history.txt","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.vandyke.com/products/securecrt/history.txt"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/18/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/18/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/19/5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/19/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/06/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/17/8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/17/8"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001","reference_id":"1059001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002","reference_id":"1059002","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003","reference_id":"1059003","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004","reference_id":"1059004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005","reference_id":"1059005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006","reference_id":"1059006","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007","reference_id":"1059007","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058","reference_id":"1059058","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144","reference_id":"1059144","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290","reference_id":"1059290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294","reference_id":"1059294","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210","reference_id":"2254210","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","reference_id":"33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/","reference_id":"3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","reference_id":"3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","reference_id":"6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/","reference_id":"BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","reference_id":"C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/","reference_id":"CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/","reference_id":"CVE-2023-48795-AND-SFTP-GATEWAY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/"},{"reference_url":"https://security.gentoo.org/glsa/202407-11","reference_id":"GLSA-202407-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-11"},{"reference_url":"https://security.gentoo.org/glsa/202407-12","reference_id":"GLSA-202407-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-12"},{"reference_url":"https://security.gentoo.org/glsa/202509-06","reference_id":"GLSA-202509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-06"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","reference_id":"HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","reference_id":"I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/","reference_id":"KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","reference_id":"L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","reference_id":"LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004/","reference_id":"ntap-20240105-0004","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7197","reference_id":"RHSA-2023:7197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7201","reference_id":"RHSA-2023:7201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0040","reference_id":"RHSA-2024:0040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0429","reference_id":"RHSA-2024:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0455","reference_id":"RHSA-2024:0455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0499","reference_id":"RHSA-2024:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0538","reference_id":"RHSA-2024:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0594","reference_id":"RHSA-2024:0594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0606","reference_id":"RHSA-2024:0606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0625","reference_id":"RHSA-2024:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0628","reference_id":"RHSA-2024:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0766","reference_id":"RHSA-2024:0766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0789","reference_id":"RHSA-2024:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0843","reference_id":"RHSA-2024:0843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0880","reference_id":"RHSA-2024:0880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0954","reference_id":"RHSA-2024:0954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1130","reference_id":"RHSA-2024:1130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1150","reference_id":"RHSA-2024:1150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1192","reference_id":"RHSA-2024:1192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1193","reference_id":"RHSA-2024:1193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1196","reference_id":"RHSA-2024:1196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1197","reference_id":"RHSA-2024:1197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1210","reference_id":"RHSA-2024:1210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1557","reference_id":"RHSA-2024:1557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1859","reference_id":"RHSA-2024:1859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2728","reference_id":"RHSA-2024:2728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2735","reference_id":"RHSA-2024:2735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2768","reference_id":"RHSA-2024:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2988","reference_id":"RHSA-2024:2988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3479","reference_id":"RHSA-2024:3479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3634","reference_id":"RHSA-2024:3634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3635","reference_id":"RHSA-2024:3635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3636","reference_id":"RHSA-2024:3636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3918","reference_id":"RHSA-2024:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4010","reference_id":"RHSA-2024:4010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4151","reference_id":"RHSA-2024:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4329","reference_id":"RHSA-2024:4329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4479","reference_id":"RHSA-2024:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4484","reference_id":"RHSA-2024:4484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4597","reference_id":"RHSA-2024:4597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4662","reference_id":"RHSA-2024:4662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4955","reference_id":"RHSA-2024:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4959","reference_id":"RHSA-2024:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5200","reference_id":"RHSA-2024:5200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5432","reference_id":"RHSA-2024:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5433","reference_id":"RHSA-2024:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5438","reference_id":"RHSA-2024:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8235","reference_id":"RHSA-2024:8235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4664","reference_id":"RHSA-2025:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4664"},{"reference_url":"https://usn.ubuntu.com/6560-1/","reference_id":"USN-6560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-1/"},{"reference_url":"https://usn.ubuntu.com/6560-2/","reference_id":"USN-6560-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-2/"},{"reference_url":"https://usn.ubuntu.com/6561-1/","reference_id":"USN-6561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6561-1/"},{"reference_url":"https://usn.ubuntu.com/6585-1/","reference_id":"USN-6585-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6585-1/"},{"reference_url":"https://usn.ubuntu.com/6589-1/","reference_id":"USN-6589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6589-1/"},{"reference_url":"https://usn.ubuntu.com/6598-1/","reference_id":"USN-6598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6598-1/"},{"reference_url":"https://usn.ubuntu.com/6738-1/","reference_id":"USN-6738-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6738-1/"},{"reference_url":"https://usn.ubuntu.com/7051-1/","reference_id":"USN-7051-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7051-1/"},{"reference_url":"https://usn.ubuntu.com/7292-1/","reference_id":"USN-7292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7292-1/"},{"reference_url":"https://usn.ubuntu.com/7297-1/","reference_id":"USN-7297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343104?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343103?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343105?format=json","purl":"pkg:deb/debian/erlang@1:25.3.2.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.3.2.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-48795","GHSA-45x7-px36-x8w8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t139-hf7z-sfbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25711?format=json","vulnerability_id":"VCID-t88b-xjzm-43a7","summary":"otp: erlang: SSH SFTP packet size not verified properly in Erlang OTP","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26618.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26618","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57136","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872","reference_id":"0ed2573cbd55c92e9125c9dc70fa1ca7fed82872","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T20:55:12Z/"}],"url":"https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346900","reference_id":"2346900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346900"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr","reference_id":"GHSA-78cv-45vx-q6fr","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T20:55:12Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr"},{"reference_url":"https://usn.ubuntu.com/7313-1/","reference_id":"USN-7313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343104?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343103?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343107?format=json","purl":"pkg:deb/debian/erlang@1:27.2.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.2.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26618"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t88b-xjzm-43a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9591?format=json","vulnerability_id":"VCID-vqax-fdy8-gkcv","summary":"erlang: Erlang OTP tftp_file modules: Information disclosure via relative path traversal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21620.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21620","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1216","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/pull/10706","reference_id":"10706","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://github.com/erlang/otp/pull/10706"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128651","reference_id":"1128651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128651"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441326","reference_id":"2441326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441326"},{"reference_url":"https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e","reference_id":"3970738f687325138eb75f798054fa8960ac354e","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e"},{"reference_url":"https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344","reference_id":"655fb95725ba2fb811740b57e106873833824344","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344"},{"reference_url":"https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a","reference_id":"696fdec922661d4a3cc528fc34bc24fae8d4ad8a","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-21620.html","reference_id":"CVE-2026-21620.html","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-21620.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-21620","reference_id":"EEF-CVE-2026-21620","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-21620"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp","reference_id":"GHSA-hmrc-prh3-rpvp","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343114?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343115?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-21620"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqax-fdy8-gkcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18258?format=json","vulnerability_id":"VCID-w7tu-du5n-zuee","summary":"erlang: Erlang Excessive Use of System Resources","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48039","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43755","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0","reference_id":"043ee3c943e2977c1acdd740ad13992fd60b6bf0","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0"},{"reference_url":"https://github.com/erlang/otp/pull/10155","reference_id":"10155","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://github.com/erlang/otp/pull/10155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092","reference_id":"1115092","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394523","reference_id":"2394523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394523"},{"reference_url":"https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac","reference_id":"c242e6458967e9514bea351814151695807a54ac","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2025-48039.html","reference_id":"CVE-2025-48039.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://cna.erlef.org/cves/CVE-2025-48039.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2025-48039","reference_id":"EEF-CVE-2025-48039","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2025-48039"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8","reference_id":"GHSA-rr5p-6856-j7h8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8"},{"reference_url":"https://usn.ubuntu.com/7831-1/","reference_id":"USN-7831-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7831-1/"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343112?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343095?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343094?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48039"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7tu-du5n-zuee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6786?format=json","vulnerability_id":"VCID-ws6x-zs8f-b3d5","summary":"erlang/otp: inets: Erlang OTP inets modules: Unauthenticated access to protected CGI scripts via incorrect authorization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28808.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28808","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11236","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28808"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455909","reference_id":"2455909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455909"},{"reference_url":"https://github.com/erlang/otp/commit/8fc71ac6af4fbcc54103bec2983ef22e82942688","reference_id":"8fc71ac6af4fbcc54103bec2983ef22e82942688","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://github.com/erlang/otp/commit/8fc71ac6af4fbcc54103bec2983ef22e82942688"},{"reference_url":"https://github.com/erlang/otp/commit/9dfa0c51eac97866078e808dec2183cb7871ff7c","reference_id":"9dfa0c51eac97866078e808dec2183cb7871ff7c","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://github.com/erlang/otp/commit/9dfa0c51eac97866078e808dec2183cb7871ff7c"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"},{"reference_url":"https://cna.erlef.org/cves/CVE-2026-28808.html","reference_id":"CVE-2026-28808.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://cna.erlef.org/cves/CVE-2026-28808.html"},{"reference_url":"https://osv.dev/vulnerability/EEF-CVE-2026-28808","reference_id":"EEF-CVE-2026-28808","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://osv.dev/vulnerability/EEF-CVE-2026-28808"},{"reference_url":"https://github.com/erlang/otp/security/advisories/GHSA-3vhp-h532-mc3f","reference_id":"GHSA-3vhp-h532-mc3f","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://github.com/erlang/otp/security/advisories/GHSA-3vhp-h532-mc3f"},{"reference_url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","reference_id":"versions.html#order-of-versions","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/"}],"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343117?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-28808"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ws6x-zs8f-b3d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71633?format=json","vulnerability_id":"VCID-x6pd-2arc-gqdq","summary":"HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3389","reference_id":"","reference_type":"","scores":[{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88348","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3389"},{"reference_url":"https://curl.se/docs/CVE-2011-3389.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2011-3389.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737506","reference_id":"737506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737506"},{"reference_url":"https://security.gentoo.org/glsa/201111-02","reference_id":"GLSA-201111-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201111-02"},{"reference_url":"https://security.gentoo.org/glsa/201203-02","reference_id":"GLSA-201203-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-02"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://security.gentoo.org/glsa/201406-32","reference_id":"GLSA-201406-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1380","reference_id":"RHSA-2011:1380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1384","reference_id":"RHSA-2011:1384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0006","reference_id":"RHSA-2012:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0034","reference_id":"RHSA-2012:0034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0343","reference_id":"RHSA-2012:0343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0508","reference_id":"RHSA-2012:0508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1455","reference_id":"RHSA-2013:1455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1455"},{"reference_url":"https://usn.ubuntu.com/1263-1/","reference_id":"USN-1263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1263-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343090?format=json","purl":"pkg:deb/debian/erlang@1:15.b-dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:15.b-dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-3389"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6pd-2arc-gqdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68314?format=json","vulnerability_id":"VCID-xet9-63wg-3fgw","summary":"SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566","reference_id":"","reference_type":"","scores":[{"value":"0.93538","scoring_system":"epss","scoring_elements":"0.99837","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","reference_id":"0101.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7","reference_id":"1015-security-advisory-7","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"},{"reference_url":"http://www.securitytracker.com/id/1031029","reference_id":"1031029","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031029"},{"reference_url":"http://www.securitytracker.com/id/1031039","reference_id":"1031039","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031039"},{"reference_url":"http://www.securitytracker.com/id/1031085","reference_id":"1031085","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031085"},{"reference_url":"http://www.securitytracker.com/id/1031086","reference_id":"1031086","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031086"},{"reference_url":"http://www.securitytracker.com/id/1031087","reference_id":"1031087","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031087"},{"reference_url":"http://www.securitytracker.com/id/1031088","reference_id":"1031088","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031088"},{"reference_url":"http://www.securitytracker.com/id/1031089","reference_id":"1031089","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031089"},{"reference_url":"http://www.securitytracker.com/id/1031090","reference_id":"1031090","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031090"},{"reference_url":"http://www.securitytracker.com/id/1031091","reference_id":"1031091","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031091"},{"reference_url":"http://www.securitytracker.com/id/1031092","reference_id":"1031092","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031092"},{"reference_url":"http://www.securitytracker.com/id/1031093","reference_id":"1031093","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031093"},{"reference_url":"http://www.securitytracker.com/id/1031094","reference_id":"1031094","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031094"},{"reference_url":"http://www.securitytracker.com/id/1031095","reference_id":"1031095","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031095"},{"reference_url":"http://www.securitytracker.com/id/1031096","reference_id":"1031096","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031096"},{"reference_url":"http://www.securitytracker.com/id/1031105","reference_id":"1031105","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031105"},{"reference_url":"http://www.securitytracker.com/id/1031106","reference_id":"1031106","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031106"},{"reference_url":"http://www.securitytracker.com/id/1031107","reference_id":"1031107","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031107"},{"reference_url":"http://www.securitytracker.com/id/1031120","reference_id":"1031120","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031120"},{"reference_url":"http://www.securitytracker.com/id/1031123","reference_id":"1031123","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031123"},{"reference_url":"http://www.securitytracker.com/id/1031124","reference_id":"1031124","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031124"},{"reference_url":"http://www.securitytracker.com/id/1031130","reference_id":"1031130","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031130"},{"reference_url":"http://www.securitytracker.com/id/1031131","reference_id":"1031131","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031131"},{"reference_url":"http://www.securitytracker.com/id/1031132","reference_id":"1031132","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securitytracker.com/id/1031132"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789","reference_id":"1152789","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789"},{"reference_url":"https://access.redhat.com/articles/1232123","reference_id":"1232123","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://access.redhat.com/articles/1232123"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html","reference_id":"141114.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html","reference_id":"141158.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html","reference_id":"142330.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html","reference_id":"169361.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html","reference_id":"169374.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"},{"reference_url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html","reference_id":"2014-10-14-how-poodle-happened.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"},{"reference_url":"https://technet.microsoft.com/library/security/3009008.aspx","reference_id":"3009008.aspx","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://technet.microsoft.com/library/security/3009008.aspx"},{"reference_url":"http://www.securityfocus.com/archive/1/533746","reference_id":"533746","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533746"},{"reference_url":"http://www.securityfocus.com/archive/1/533747","reference_id":"533747","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533747"},{"reference_url":"http://www.kb.cert.org/vuls/id/577193","reference_id":"577193","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.kb.cert.org/vuls/id/577193"},{"reference_url":"http://secunia.com/advisories/59627","reference_id":"59627","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/59627"},{"reference_url":"http://secunia.com/advisories/60056","reference_id":"60056","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60056"},{"reference_url":"http://secunia.com/advisories/60206","reference_id":"60206","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60206"},{"reference_url":"http://secunia.com/advisories/60792","reference_id":"60792","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60792"},{"reference_url":"http://secunia.com/advisories/60859","reference_id":"60859","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/60859"},{"reference_url":"http://secunia.com/advisories/61019","reference_id":"61019","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61019"},{"reference_url":"http://secunia.com/advisories/61130","reference_id":"61130","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61130"},{"reference_url":"http://secunia.com/advisories/61303","reference_id":"61303","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61303"},{"reference_url":"http://secunia.com/advisories/61316","reference_id":"61316","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61316"},{"reference_url":"http://secunia.com/advisories/61345","reference_id":"61345","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61345"},{"reference_url":"http://secunia.com/advisories/61359","reference_id":"61359","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61359"},{"reference_url":"http://secunia.com/advisories/61782","reference_id":"61782","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61782"},{"reference_url":"http://secunia.com/advisories/61810","reference_id":"61810","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61810"},{"reference_url":"http://secunia.com/advisories/61819","reference_id":"61819","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61819"},{"reference_url":"http://secunia.com/advisories/61825","reference_id":"61825","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61825"},{"reference_url":"http://secunia.com/advisories/61827","reference_id":"61827","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61827"},{"reference_url":"http://secunia.com/advisories/61926","reference_id":"61926","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61926"},{"reference_url":"http://secunia.com/advisories/61995","reference_id":"61995","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://secunia.com/advisories/61995"},{"reference_url":"http://www.securityfocus.com/bid/70574","reference_id":"70574","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/bid/70574"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539","reference_id":"765539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702","reference_id":"765702","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164","reference_id":"768164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904","reference_id":"769904","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359","reference_id":"771359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203","reference_id":"advisories?name=MDVSA-2014:203","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062","reference_id":"advisories?name=MDVSA-2015:062","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"},{"reference_url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html","reference_id":"AST-2014-011.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html"},{"reference_url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html","reference_id":"attack-of-week-poodle.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle","reference_id":"cisco-sa-20141015-poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"},{"reference_url":"http://support.citrix.com/article/CTX200238","reference_id":"CTX200238","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://support.citrix.com/article/CTX200238"},{"reference_url":"https://support.citrix.com/article/CTX216642","reference_id":"CTX216642","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.citrix.com/article/CTX216642"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html","reference_id":"CVE-2014-3566.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"},{"reference_url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip","reference_id":"cve-2014-3566-removing-sslv3-from-big-ip","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"},{"reference_url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581","reference_id":"display?docId=emr_na-c04583581","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"},{"reference_url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","reference_id":"display?docId=emr_na-c04779034","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635","reference_id":"docDisplay?docId=emr_na-c04819635","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681","reference_id":"docDisplay?docId=emr_na-c05068681","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","reference_id":"docDisplay?docId=emr_na-c05157667","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946","reference_id":"docDisplay?docId=emr_na-c05301946","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"},{"reference_url":"https://www.suse.com/support/kb/doc.php?id=7015773","reference_id":"doc.php?id=7015773","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.suse.com/support/kb/doc.php?id=7015773"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431","reference_id":"docview.wss?uid=isg3T1021431","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439","reference_id":"docview.wss?uid=isg3T1021439","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997","reference_id":"docview.wss?uid=swg21686997","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172","reference_id":"docview.wss?uid=swg21687172","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611","reference_id":"docview.wss?uid=swg21687611","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611"},{"reference_url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165","reference_id":"docview.wss?uid=swg21688165","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283","reference_id":"docview.wss?uid=swg21688283","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299","reference_id":"docview.wss?uid=swg21692299","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299"},{"reference_url":"http://www.debian.org/security/2014/dsa-3053","reference_id":"dsa-3053","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2014/dsa-3053"},{"reference_url":"http://www.debian.org/security/2015/dsa-3144","reference_id":"dsa-3144","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2015/dsa-3144"},{"reference_url":"http://www.debian.org/security/2015/dsa-3147","reference_id":"dsa-3147","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2015/dsa-3147"},{"reference_url":"http://www.debian.org/security/2016/dsa-3489","reference_id":"dsa-3489","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.debian.org/security/2016/dsa-3489"},{"reference_url":"https://security.gentoo.org/glsa/201411-10","reference_id":"GLSA-201411-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-10"},{"reference_url":"https://security.gentoo.org/glsa/201507-14","reference_id":"GLSA-201507-14","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.gentoo.org/glsa/201507-14"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.gentoo.org/glsa/201606-11"},{"reference_url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_id":"how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"},{"reference_url":"http://support.apple.com/HT204244","reference_id":"HT204244","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://support.apple.com/HT204244"},{"reference_url":"https://support.apple.com/kb/HT6527","reference_id":"HT6527","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6527"},{"reference_url":"https://support.apple.com/kb/HT6529","reference_id":"HT6529","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6529"},{"reference_url":"https://support.apple.com/kb/HT6531","reference_id":"HT6531","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6531"},{"reference_url":"https://support.apple.com/kb/HT6535","reference_id":"HT6535","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6535"},{"reference_url":"https://support.apple.com/kb/HT6541","reference_id":"HT6541","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6541"},{"reference_url":"https://support.apple.com/kb/HT6542","reference_id":"HT6542","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.apple.com/kb/HT6542"},{"reference_url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm","reference_id":"hw-405500.htm","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"},{"reference_url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02","reference_id":"ICSMA-18-058-02","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","reference_id":"index?page=content&id=JSA10705","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090","reference_id":"index?page=content&id=SB10090","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091","reference_id":"index?page=content&id=SB10091","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104","reference_id":"index?page=content&id=SB10104","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2","reference_id":"?l=bugtraq&m=141450452204552&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2","reference_id":"?l=bugtraq&m=141450973807288&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2","reference_id":"?l=bugtraq&m=141477196830952&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2","reference_id":"?l=bugtraq&m=141576815022399&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2","reference_id":"?l=bugtraq&m=141577087123040&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2","reference_id":"?l=bugtraq&m=141577350823734&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2","reference_id":"?l=bugtraq&m=141620103726640&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2","reference_id":"?l=bugtraq&m=141628688425177&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2","reference_id":"?l=bugtraq&m=141694355519663&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2","reference_id":"?l=bugtraq&m=141697638231025&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2","reference_id":"?l=bugtraq&m=141697676231104&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2","reference_id":"?l=bugtraq&m=141703183219781&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2","reference_id":"?l=bugtraq&m=141715130023061&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2","reference_id":"?l=bugtraq&m=141775427104070&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2","reference_id":"?l=bugtraq&m=141813976718456&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2","reference_id":"?l=bugtraq&m=141814011518700&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2","reference_id":"?l=bugtraq&m=141879378918327&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2","reference_id":"?l=bugtraq&m=142103967620673&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","reference_id":"?l=bugtraq&m=142118135300698&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2","reference_id":"?l=bugtraq&m=142296755107581&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2","reference_id":"?l=bugtraq&m=142350196615714&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2","reference_id":"?l=bugtraq&m=142350298616097&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2","reference_id":"?l=bugtraq&m=142350743917559&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2","reference_id":"?l=bugtraq&m=142354438527235&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2","reference_id":"?l=bugtraq&m=142357976805598&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2","reference_id":"?l=bugtraq&m=142495837901899&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2","reference_id":"?l=bugtraq&m=142496355704097&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2","reference_id":"?l=bugtraq&m=142546741516006&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2","reference_id":"?l=bugtraq&m=142607790919348&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2","reference_id":"?l=bugtraq&m=142624590206005&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067","reference_id":"?l=bugtraq&m=142624619906067","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624619906067"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2","reference_id":"?l=bugtraq&m=142624619906067&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2","reference_id":"?l=bugtraq&m=142624679706236&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2","reference_id":"?l=bugtraq&m=142624719706349&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2","reference_id":"?l=bugtraq&m=142721830231196&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2","reference_id":"?l=bugtraq&m=142721887231400&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2","reference_id":"?l=bugtraq&m=142740155824959&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2","reference_id":"?l=bugtraq&m=142791032306609&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2","reference_id":"?l=bugtraq&m=142804214608580&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2","reference_id":"?l=bugtraq&m=142805027510172&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2","reference_id":"?l=bugtraq&m=142962817202793&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2","reference_id":"?l=bugtraq&m=143039249603103&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2","reference_id":"?l=bugtraq&m=143101048219218&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2","reference_id":"?l=bugtraq&m=143290371927178&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2","reference_id":"?l=bugtraq&m=143290437727362&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2","reference_id":"?l=bugtraq&m=143290522027658&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2","reference_id":"?l=bugtraq&m=143290583027876&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2","reference_id":"?l=bugtraq&m=143558137709884&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2","reference_id":"?l=bugtraq&m=143558192010071&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2","reference_id":"?l=bugtraq&m=143628269912142&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2","reference_id":"?l=bugtraq&m=144101915224472&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2","reference_id":"?l=bugtraq&m=144251162130364&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2","reference_id":"?l=bugtraq&m=144294141001552&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2","reference_id":"?l=bugtraq&m=145983526810210&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2"},{"reference_url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2","reference_id":"?l=openssl-dev&m=141333049205629&w=2","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0416.html","reference_id":"MGASA-2014-0416.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://advisories.mageia.org/MGASA-2014-0416.html"},{"reference_url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf","reference_id":"MOVEitReleaseNotes82.pdf","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html","reference_id":"msg00026.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html","reference_id":"msg00033.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html","reference_id":"msg00036.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html","reference_id":"msg00066.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"},{"reference_url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6","reference_id":"multiple_vulnerabilities_in_openssl6","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"},{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc","reference_id":"NetBSD-SA2014-015.txt.asc","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"},{"reference_url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/","reference_id":"node-v0-10-33-stable","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20141015-0001/","reference_id":"ntap-20141015-0001","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://security.netapp.com/advisory/ntap-20141015-0001/"},{"reference_url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc","reference_id":"openssl_advisory11.asc","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"},{"reference_url":"https://support.lenovo.com/product_security/poodle","reference_id":"poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.lenovo.com/product_security/poodle"},{"reference_url":"https://support.lenovo.com/us/en/product_security/poodle","reference_id":"poodle","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://support.lenovo.com/us/en/product_security/poodle"},{"reference_url":"https://www.imperialviolet.org/2014/10/14/poodle.html","reference_id":"poodle.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.imperialviolet.org/2014/10/14/poodle.html"},{"reference_url":"https://github.com/mpgn/poodle-PoC","reference_id":"poodle-PoC","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://github.com/mpgn/poodle-PoC"},{"reference_url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability","reference_id":"poodle-sslv3-vulnerability","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html","reference_id":"RHSA-2014-1652.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html","reference_id":"RHSA-2014-1653.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html","reference_id":"RHSA-2014-1692.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1876","reference_id":"RHSA-2014:1876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1876"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html","reference_id":"RHSA-2014-1876.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1877","reference_id":"RHSA-2014:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1877"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html","reference_id":"RHSA-2014-1877.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1880","reference_id":"RHSA-2014:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1880"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html","reference_id":"RHSA-2014-1880.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1881","reference_id":"RHSA-2014:1881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1881"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html","reference_id":"RHSA-2014-1881.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1882","reference_id":"RHSA-2014:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1882"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html","reference_id":"RHSA-2014-1882.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1920","reference_id":"RHSA-2014:1920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1920"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html","reference_id":"RHSA-2014-1920.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html","reference_id":"RHSA-2014-1948.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0010","reference_id":"RHSA-2015:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0011","reference_id":"RHSA-2015:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0012","reference_id":"RHSA-2015:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0067","reference_id":"RHSA-2015:0067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0068","reference_id":"RHSA-2015:0068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0068"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html","reference_id":"RHSA-2015-0068.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0069","reference_id":"RHSA-2015:0069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0079","reference_id":"RHSA-2015:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0079"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html","reference_id":"RHSA-2015-0079.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0080","reference_id":"RHSA-2015:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0080"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html","reference_id":"RHSA-2015-0080.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0085","reference_id":"RHSA-2015:0085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0085"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html","reference_id":"RHSA-2015-0085.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0086","reference_id":"RHSA-2015:0086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0086"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html","reference_id":"RHSA-2015-0086.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0264","reference_id":"RHSA-2015:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0264"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html","reference_id":"RHSA-2015-0264.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"RHSA-2015-0698.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1545","reference_id":"RHSA-2015:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1545"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html","reference_id":"RHSA-2015-1545.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1546","reference_id":"RHSA-2015:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1546"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html","reference_id":"RHSA-2015-1546.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa83","reference_id":"sa83","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bto.bluecoat.com/security-advisory/sa83"},{"reference_url":"https://www.openssl.org/news/secadv_20141015.txt","reference_id":"secadv_20141015.txt","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.openssl.org/news/secadv_20141015.txt"},{"reference_url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx","reference_id":"security-advisory-3009008-released.aspx","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983","reference_id":"show_bug.cgi?id=1076983","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"},{"reference_url":"https://www.openssl.org/~bodo/ssl-poodle.pdf","reference_id":"ssl-poodle.pdf","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://www.openssl.org/~bodo/ssl-poodle.pdf"},{"reference_url":"http://www.us-cert.gov/ncas/alerts/TA14-290A","reference_id":"TA14-290A","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.us-cert.gov/ncas/alerts/TA14-290A"},{"reference_url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/","reference_id":"the-poodle-attack-and-the-end-of-ssl-3-0","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"},{"reference_url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html","reference_id":"this-poodle-bites-exploiting-ssl-30.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"},{"reference_url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded"},{"reference_url":"https://usn.ubuntu.com/2486-1/","reference_id":"USN-2486-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2486-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2486-1","reference_id":"USN-2486-1","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.ubuntu.com/usn/USN-2486-1"},{"reference_url":"https://usn.ubuntu.com/2487-1/","reference_id":"USN-2487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2487-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2487-1","reference_id":"USN-2487-1","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.ubuntu.com/usn/USN-2487-1"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html","reference_id":"VMSA-2015-0003.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html"},{"reference_url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_id":"Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/"}],"url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/343092?format=json","purl":"pkg:deb/debian/erlang@1:17.3-dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:17.3-dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343086?format=json","purl":"pkg:deb/debian/erlang@1:23.2.6%2Bdfsg-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-5vxe-1smj-fyck"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-d2mt-nbtf-b3fy"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:23.2.6%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343084?format=json","purl":"pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-h7x2-fxke-tkdp"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343089?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-4ny1-ztaq-yudj"},{"vulnerability":"VCID-4qr6-9z6u-ekb3"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"},{"vulnerability":"VCID-qqzg-7f84-4fhz"},{"vulnerability":"VCID-ws6x-zs8f-b3d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343087?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.11%2Bdfsg-7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1py9-5tap-d7fv"},{"vulnerability":"VCID-7xvh-aqcu-uyb4"},{"vulnerability":"VCID-8a5v-tu8j-7kfe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/343088?format=json","purl":"pkg:deb/debian/erlang@1:27.3.4.12%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.12%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3566"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xet9-63wg-3fgw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.11%252Bdfsg-7%3Fdistro=trixie"}