{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","type":"apk","namespace":"alpine","name":"xen","version":"4.10.1-r3","qualifiers":{"arch":"x86","distroversion":"v3.8","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.10.2-r1","latest_non_vulnerable_version":"4.10.4-r3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79632?format=json","vulnerability_id":"VCID-1mwc-jdwh-1fd5","summary":"System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3665.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3665","reference_id":"","reference_type":"","scores":[{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83258","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01831","scoring_system":"epss","scoring_elements":"0.83284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1585011","reference_id":"1585011","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1585011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1852","reference_id":"RHSA-2018:1852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1944","reference_id":"RHSA-2018:1944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2164","reference_id":"RHSA-2018:2164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2165","reference_id":"RHSA-2018:2165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1170","reference_id":"RHSA-2019:1170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1190","reference_id":"RHSA-2019:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1190"},{"reference_url":"https://usn.ubuntu.com/3696-1/","reference_id":"USN-3696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3696-1/"},{"reference_url":"https://usn.ubuntu.com/3696-2/","reference_id":"USN-3696-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3696-2/"},{"reference_url":"https://usn.ubuntu.com/3698-1/","reference_id":"USN-3698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3698-1/"},{"reference_url":"https://usn.ubuntu.com/3698-2/","reference_id":"USN-3698-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3698-2/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-267.html","reference_id":"XSA-267","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-267.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-3665","XSA-267"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mwc-jdwh-1fd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106353?format=json","vulnerability_id":"VCID-248h-3zxq-s7hq","summary":"An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 \"Operations on data structures\" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15470.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15470","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3968","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39766","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610552","reference_id":"1610552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610552"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-272.html","reference_id":"XSA-272","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-272.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-15470","XSA-272"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-248h-3zxq-s7hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73809?format=json","vulnerability_id":"VCID-jp6t-afcy-dqgk","summary":"Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3639.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3639","reference_id":"","reference_type":"","scores":[{"value":"0.46733","scoring_system":"epss","scoring_elements":"0.97729","published_at":"2026-06-05T12:55:00Z"},{"value":"0.46733","scoring_system":"epss","scoring_elements":"0.97726","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3640"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/06/10/1","reference_id":"1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2020/06/10/1"},{"reference_url":"http://www.securitytracker.com/id/1040949","reference_id":"1040949","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.securitytracker.com/id/1040949"},{"reference_url":"http://www.securitytracker.com/id/1042004","reference_id":"1042004","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.securitytracker.com/id/1042004"},{"reference_url":"http://www.securityfocus.com/bid/104232","reference_id":"104232","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.securityfocus.com/bid/104232"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566890","reference_id":"1566890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566890"},{"reference_url":"https://www.kb.cert.org/vuls/id/180049","reference_id":"180049","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.kb.cert.org/vuls/id/180049"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/06/10/2","reference_id":"2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2020/06/10/2"},{"reference_url":"https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html","reference_id":"2481872_1.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html"},{"reference_url":"https://seclists.org/bugtraq/2019/Jun/36","reference_id":"36","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://seclists.org/bugtraq/2019/Jun/36"},{"reference_url":"https://usn.ubuntu.com/3651-1/","reference_id":"3651-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3651-1/"},{"reference_url":"https://usn.ubuntu.com/3652-1/","reference_id":"3652-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3652-1/"},{"reference_url":"https://usn.ubuntu.com/3653-1/","reference_id":"3653-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3653-1/"},{"reference_url":"https://usn.ubuntu.com/3653-2/","reference_id":"3653-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3653-2/"},{"reference_url":"https://usn.ubuntu.com/3654-1/","reference_id":"3654-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3654-1/"},{"reference_url":"https://usn.ubuntu.com/3654-2/","reference_id":"3654-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3654-2/"},{"reference_url":"https://usn.ubuntu.com/3655-1/","reference_id":"3655-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3655-1/"},{"reference_url":"https://usn.ubuntu.com/3655-2/","reference_id":"3655-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3655-2/"},{"reference_url":"https://usn.ubuntu.com/3679-1/","reference_id":"3679-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3679-1/"},{"reference_url":"https://usn.ubuntu.com/3680-1/","reference_id":"3680-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3680-1/"},{"reference_url":"https://usn.ubuntu.com/3756-1/","reference_id":"3756-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3756-1/"},{"reference_url":"https://usn.ubuntu.com/3777-3/","reference_id":"3777-3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://usn.ubuntu.com/3777-3/"},{"reference_url":"https://www.exploit-db.com/exploits/44695/","reference_id":"44695","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.exploit-db.com/exploits/44695/"},{"reference_url":"https://nvidia.custhelp.com/app/answers/detail/a_id/4787","reference_id":"4787","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/4787"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/06/10/5","reference_id":"5","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2020/06/10/5"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012","reference_id":"ADV180012","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-263.html","reference_id":"advisory-263.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://xenbits.xen.org/xsa/advisory-263.html"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel","reference_id":"cisco-sa-20180521-cpusidechannel","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel"},{"reference_url":"https://support.citrix.com/article/CTX235225","reference_id":"CTX235225","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://support.citrix.com/article/CTX235225"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1528","reference_id":"CVE-2018-3639","reference_type":"exploit","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/dos/44695.c","reference_id":"CVE-2018-3639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/dos/44695.c"},{"reference_url":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html","reference_id":"cve-2018-3639e.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4210","reference_id":"dsa-4210","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.debian.org/security/2018/dsa-4210"},{"reference_url":"https://www.debian.org/security/2018/dsa-4273","reference_id":"dsa-4273","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.debian.org/security/2018/dsa-4273"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html","reference_id":"intel-sa-00115.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"},{"reference_url":"http://support.lenovo.com/us/en/solutions/LEN-22133","reference_id":"LEN-22133","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://support.lenovo.com/us/en/solutions/LEN-22133"},{"reference_url":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006","reference_id":"mitel-product-security-advisory-18-0006","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html","reference_id":"msg00034.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html","reference_id":"msg00059.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180521-0001/","reference_id":"ntap-20180521-0001","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180521-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1629","reference_id":"RHSA-2018:1629","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1630","reference_id":"RHSA-2018:1630","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1632","reference_id":"RHSA-2018:1632","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1632"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1633","reference_id":"RHSA-2018:1633","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1635","reference_id":"RHSA-2018:1635","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1636","reference_id":"RHSA-2018:1636","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1637","reference_id":"RHSA-2018:1637","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1638","reference_id":"RHSA-2018:1638","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1639","reference_id":"RHSA-2018:1639","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1640","reference_id":"RHSA-2018:1640","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1641","reference_id":"RHSA-2018:1641","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1642","reference_id":"RHSA-2018:1642","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1643","reference_id":"RHSA-2018:1643","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1644","reference_id":"RHSA-2018:1644","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1645","reference_id":"RHSA-2018:1645","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1646","reference_id":"RHSA-2018:1646","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1647","reference_id":"RHSA-2018:1647","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1648","reference_id":"RHSA-2018:1648","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1649","reference_id":"RHSA-2018:1649","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1650","reference_id":"RHSA-2018:1650","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1651","reference_id":"RHSA-2018:1651","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1652","reference_id":"RHSA-2018:1652","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1653","reference_id":"RHSA-2018:1653","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1654","reference_id":"RHSA-2018:1654","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1655","reference_id":"RHSA-2018:1655","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1656","reference_id":"RHSA-2018:1656","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1657","reference_id":"RHSA-2018:1657","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1658","reference_id":"RHSA-2018:1658","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1659","reference_id":"RHSA-2018:1659","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1659"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1660","reference_id":"RHSA-2018:1660","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1660"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1661","reference_id":"RHSA-2018:1661","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1662","reference_id":"RHSA-2018:1662","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1663","reference_id":"RHSA-2018:1663","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1664","reference_id":"RHSA-2018:1664","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1665","reference_id":"RHSA-2018:1665","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1666","reference_id":"RHSA-2018:1666","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1667","reference_id":"RHSA-2018:1667","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1668","reference_id":"RHSA-2018:1668","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1669","reference_id":"RHSA-2018:1669","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1674","reference_id":"RHSA-2018:1674","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1675","reference_id":"RHSA-2018:1675","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1676","reference_id":"RHSA-2018:1676","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1686","reference_id":"RHSA-2018:1686","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1688","reference_id":"RHSA-2018:1688","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1689","reference_id":"RHSA-2018:1689","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1690","reference_id":"RHSA-2018:1690","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1696","reference_id":"RHSA-2018:1696","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1710","reference_id":"RHSA-2018:1710","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1711","reference_id":"RHSA-2018:1711","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1737","reference_id":"RHSA-2018:1737","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1738","reference_id":"RHSA-2018:1738","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1826","reference_id":"RHSA-2018:1826","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1854","reference_id":"RHSA-2018:1854","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1965","reference_id":"RHSA-2018:1965","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1967","reference_id":"RHSA-2018:1967","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1997","reference_id":"RHSA-2018:1997","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2001","reference_id":"RHSA-2018:2001","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2003","reference_id":"RHSA-2018:2003","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2006","reference_id":"RHSA-2018:2006","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2060","reference_id":"RHSA-2018:2060","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2161","reference_id":"RHSA-2018:2161","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2162","reference_id":"RHSA-2018:2162","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2164","reference_id":"RHSA-2018:2164","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2171","reference_id":"RHSA-2018:2171","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2172","reference_id":"RHSA-2018:2172","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2216","reference_id":"RHSA-2018:2216","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2228","reference_id":"RHSA-2018:2228","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2246","reference_id":"RHSA-2018:2246","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2250","reference_id":"RHSA-2018:2250","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2258","reference_id":"RHSA-2018:2258","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2289","reference_id":"RHSA-2018:2289","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2309","reference_id":"RHSA-2018:2309","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2328","reference_id":"RHSA-2018:2328","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2363","reference_id":"RHSA-2018:2363","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2364","reference_id":"RHSA-2018:2364","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2387","reference_id":"RHSA-2018:2387","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2394","reference_id":"RHSA-2018:2394","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2396","reference_id":"RHSA-2018:2396","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2948","reference_id":"RHSA-2018:2948","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3396","reference_id":"RHSA-2018:3396","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3397","reference_id":"RHSA-2018:3397","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3398","reference_id":"RHSA-2018:3398","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3398"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3399","reference_id":"RHSA-2018:3399","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3400","reference_id":"RHSA-2018:3400","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3401","reference_id":"RHSA-2018:3401","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3402","reference_id":"RHSA-2018:3402","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3407","reference_id":"RHSA-2018:3407","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3423","reference_id":"RHSA-2018:3423","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3424","reference_id":"RHSA-2018:3424","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3425","reference_id":"RHSA-2018:3425","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0148","reference_id":"RHSA-2019:0148","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1046","reference_id":"RHSA-2019:1046","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1046"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004","reference_id":"SNWLID-2018-0004","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004"},{"reference_url":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability","reference_id":"speculative-processor-vulnerability","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf","reference_id":"ssa-268644.pdf","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf","reference_id":"ssa-505225.pdf","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf","reference_id":"ssa-608355.pdf","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_18_23","reference_id":"Synology_SA_18_23","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.synology.com/support/security/Synology_SA_18_23"},{"reference_url":"https://www.us-cert.gov/ncas/alerts/TA18-141A","reference_id":"TA18-141A","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:13:59Z/"}],"url":"https://www.us-cert.gov/ncas/alerts/TA18-141A"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-263.html","reference_id":"XSA-263","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-263.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-3639","XSA-263"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jp6t-afcy-dqgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106349?format=json","vulnerability_id":"VCID-pera-49j3-3ueu","summary":"An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as \"sd\" in the libxl disk configuration, or an equivalent) are affected. IDE disks (\"hd\") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12892.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12892.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12892","reference_id":"","reference_type":"","scores":[{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.8631","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02771","scoring_system":"epss","scoring_elements":"0.86331","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12893"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590984","reference_id":"1590984","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590984"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-266.html","reference_id":"XSA-266","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-266.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-12892","XSA-266"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pera-49j3-3ueu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106352?format=json","vulnerability_id":"VCID-ryde-cb98-ukgq","summary":"An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15469.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15469","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3968","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39766","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610543","reference_id":"1610543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610543"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-268.html","reference_id":"XSA-268","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-268.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-15469","XSA-268"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ryde-cb98-ukgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106351?format=json","vulnerability_id":"VCID-t28t-5yyv-qyag","summary":"An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15468.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15468","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29759","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29827","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610548","reference_id":"1610548","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610548"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-269.html","reference_id":"XSA-269","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-269.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-15468","XSA-269"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t28t-5yyv-qyag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6242?format=json","vulnerability_id":"VCID-x25p-vy12-nkbe","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3646.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3646.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3646","reference_id":"","reference_type":"","scores":[{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85706","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85728","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1041451","reference_id":"1041451","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://www.securitytracker.com/id/1041451"},{"reference_url":"http://www.securitytracker.com/id/1042004","reference_id":"1042004","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://www.securitytracker.com/id/1042004"},{"reference_url":"http://www.securityfocus.com/bid/105080","reference_id":"105080","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://www.securityfocus.com/bid/105080"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1585005","reference_id":"1585005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1585005"},{"reference_url":"https://usn.ubuntu.com/3740-1/","reference_id":"3740-1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3740-1/"},{"reference_url":"https://usn.ubuntu.com/3740-2/","reference_id":"3740-2","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3740-2/"},{"reference_url":"https://usn.ubuntu.com/3741-1/","reference_id":"3741-1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3741-1/"},{"reference_url":"https://usn.ubuntu.com/3741-2/","reference_id":"3741-2","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3741-2/"},{"reference_url":"https://usn.ubuntu.com/3742-1/","reference_id":"3742-1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3742-1/"},{"reference_url":"https://usn.ubuntu.com/3742-2/","reference_id":"3742-2","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3742-2/"},{"reference_url":"https://usn.ubuntu.com/3756-1/","reference_id":"3756-1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3756-1/"},{"reference_url":"https://usn.ubuntu.com/3823-1/","reference_id":"3823-1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://usn.ubuntu.com/3823-1/"},{"reference_url":"https://www.kb.cert.org/vuls/id/982149","reference_id":"982149","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://www.kb.cert.org/vuls/id/982149"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018","reference_id":"ADV180018","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-273.html","reference_id":"advisory-273.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://xenbits.xen.org/xsa/advisory-273.html"},{"reference_url":"https://security.archlinux.org/AVG-756","reference_id":"AVG-756","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-756"},{"reference_url":"https://security.archlinux.org/AVG-757","reference_id":"AVG-757","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-757"},{"reference_url":"https://security.archlinux.org/AVG-758","reference_id":"AVG-758","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-758"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel","reference_id":"cisco-sa-20180814-cpusidechannel","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4274","reference_id":"dsa-4274","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://www.debian.org/security/2018/dsa-4274"},{"reference_url":"https://www.debian.org/security/2018/dsa-4279","reference_id":"dsa-4279","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://www.debian.org/security/2018/dsa-4279"},{"reference_url":"https://foreshadowattack.eu/","reference_id":"foreshadowattack.eu","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://foreshadowattack.eu/"},{"reference_url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc","reference_id":"FreeBSD-SA-18:09.l1tf.asc","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en","reference_id":"huawei-sa-20180815-01-cpu-en","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html","reference_id":"intel-sa-00161.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"},{"reference_url":"https://support.f5.com/csp/article/K31300402","reference_id":"K31300402","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://support.f5.com/csp/article/K31300402"},{"reference_url":"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault","reference_id":"l1-terminal-fault","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"},{"reference_url":"http://support.lenovo.com/us/en/solutions/LEN-24163","reference_id":"LEN-24163","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://support.lenovo.com/us/en/solutions/LEN-24163"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180815-0001/","reference_id":"ntap-20180815-0001","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180815-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2384","reference_id":"RHSA-2018:2384","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2387","reference_id":"RHSA-2018:2387","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2388","reference_id":"RHSA-2018:2388","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2389","reference_id":"RHSA-2018:2389","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2390","reference_id":"RHSA-2018:2390","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2391","reference_id":"RHSA-2018:2391","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2392","reference_id":"RHSA-2018:2392","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2393","reference_id":"RHSA-2018:2393","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2394","reference_id":"RHSA-2018:2394","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2395","reference_id":"RHSA-2018:2395","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2396","reference_id":"RHSA-2018:2396","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2402","reference_id":"RHSA-2018:2402","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2403","reference_id":"RHSA-2018:2403","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2404","reference_id":"RHSA-2018:2404","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2602","reference_id":"RHSA-2018:2602","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2603","reference_id":"RHSA-2018:2603","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2603"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010","reference_id":"SNWLID-2018-0010","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf","reference_id":"ssa-254686.pdf","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf","reference_id":"ssa-608355.pdf","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_18_45","reference_id":"Synology_SA_18_45","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://www.synology.com/support/security/Synology_SA_18_45"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/","reference_id":"V4UWGORQWCENCIF2BHWUEF2ODBV75QS2","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2018-0020.html","reference_id":"VMSA-2018-0020.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2018-0020.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/","reference_id":"XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:10:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-273.html","reference_id":"XSA-273","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-273.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-3646","XSA-273"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x25p-vy12-nkbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106348?format=json","vulnerability_id":"VCID-zm7m-gzbm-vkge","summary":"An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12891.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12891","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.2221","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22293","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12893","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12893"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590985","reference_id":"1590985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590985"},{"reference_url":"https://security.gentoo.org/glsa/201810-06","reference_id":"GLSA-201810-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-06"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-264.html","reference_id":"XSA-264","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-264.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/349173?format=json","purl":"pkg:apk/alpine/xen@4.10.1-r3?arch=x86&distroversion=v3.8&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}],"aliases":["CVE-2018-12891","XSA-264"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm7m-gzbm-vkge"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r3%3Farch=x86&distroversion=v3.8&reponame=main"}