{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","type":"deb","namespace":"debian","name":"nginx","version":"1.18.0-6.1+deb11u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.18.0-6.1+deb11u4","latest_non_vulnerable_version":"1.30.1-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34685?format=json","vulnerability_id":"VCID-kvpj-4273-4khg","summary":"HTTP/2 Stream Cancellation Attack\n## HTTP/2 Rapid reset attack\nThe HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed.\n\nAbuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. \n\nThe HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately.\n\nThe ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth.\n\nIn a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client.\n\nMultiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows.\n\n## swift-nio-http2 specific advisory\nswift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress.\n\nswift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-44487"},{"reference_url":"https://akka.io/security/akka-http-cve-2023-44487.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://akka.io/security/akka-http-cve-2023-44487.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"0.944","scoring_system":"epss","scoring_elements":"0.99976","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty"},{"reference_url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.vespa.ai/cve-2023-44487"},{"reference_url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-784301.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-784301.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-915275.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-915275.html"},{"reference_url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"},{"reference_url":"https://chaos.social/@icing/111210915918780532","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chaos.social/@icing/111210915918780532"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"},{"reference_url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648"},{"reference_url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"},{"reference_url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"},{"reference_url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"},{"reference_url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/advisories/GHSA-vx74-f528-fxqg","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-vx74-f528-fxqg"},{"reference_url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"},{"reference_url":"https://github.com/akka/akka-http/issues/4323","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/akka/akka-http/issues/4323"},{"reference_url":"https://github.com/akka/akka-http/pull/4324","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4324"},{"reference_url":"https://github.com/akka/akka-http/pull/4325","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4325"},{"reference_url":"https://github.com/alibaba/tengine/issues/1872","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/alibaba/tengine/issues/1872"},{"reference_url":"https://github.com/apache/apisix/issues/10320","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/apisix/issues/10320"},{"reference_url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"},{"reference_url":"https://github.com/apache/httpd-site/pull/10","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd-site/pull/10"},{"reference_url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a"},{"reference_url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49"},{"reference_url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628"},{"reference_url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e"},{"reference_url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"},{"reference_url":"https://github.com/apache/trafficserver/pull/10564","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/trafficserver/pull/10564"},{"reference_url":"https://github.com/apple/swift-nio-http2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2"},{"reference_url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"},{"reference_url":"https://github.com/Azure/AKS/issues/3947","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Azure/AKS/issues/3947"},{"reference_url":"https://github.com/bcdannyboy/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/bcdannyboy/CVE-2023-44487"},{"reference_url":"https://github.com/caddyserver/caddy/issues/5877","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/issues/5877"},{"reference_url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5"},{"reference_url":"https://github.com/dotnet/announcements/issues/277","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/announcements/issues/277"},{"reference_url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"},{"reference_url":"https://github.com/eclipse/jetty.project/issues/10679","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/eclipse/jetty.project/issues/10679"},{"reference_url":"https://github.com/envoyproxy/envoy/pull/30055","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/envoyproxy/envoy/pull/30055"},{"reference_url":"https://github.com/etcd-io/etcd/issues/16740","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/etcd-io/etcd/issues/16740"},{"reference_url":"https://github.com/facebook/proxygen/pull/466","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/facebook/proxygen/pull/466"},{"reference_url":"https://github.com/golang/go/issues/63417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/golang/go/issues/63417"},{"reference_url":"https://github.com/grpc/grpc-go/pull/6703","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc-go/pull/6703"},{"reference_url":"https://github.com/grpc/grpc-go/releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/grpc/grpc-go/releases"},{"reference_url":"https://github.com/grpc/grpc/releases/tag/v1.59.2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc/releases/tag/v1.59.2"},{"reference_url":"https://github.com/h2o/h2o/pull/3291","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/pull/3291"},{"reference_url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"},{"reference_url":"https://github.com/haproxy/haproxy/issues/2312","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/haproxy/haproxy/issues/2312"},{"reference_url":"https://github.com/hyperium/hyper/issues/3337","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/hyperium/hyper/issues/3337"},{"reference_url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"},{"reference_url":"https://github.com/junkurihara/rust-rpxy/issues/97","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/junkurihara/rust-rpxy/issues/97"},{"reference_url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"},{"reference_url":"https://github.com/kazu-yamamoto/http2/issues/93","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/issues/93"},{"reference_url":"https://github.com/Kong/kong/discussions/11741","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Kong/kong/discussions/11741"},{"reference_url":"https://github.com/kubernetes/kubernetes/pull/121120","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kubernetes/kubernetes/pull/121120"},{"reference_url":"https://github.com/line/armeria/pull/5232","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/line/armeria/pull/5232"},{"reference_url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"},{"reference_url":"https://github.com/micrictor/http2-rst-stream","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/micrictor/http2-rst-stream"},{"reference_url":"https://github.com/microsoft/CBL-Mariner/pull/6381","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/microsoft/CBL-Mariner/pull/6381"},{"reference_url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"},{"reference_url":"https://github.com/nghttp2/nghttp2/pull/1961","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/pull/1961"},{"reference_url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"},{"reference_url":"https://github.com/ninenines/cowboy/issues/1615","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/ninenines/cowboy/issues/1615"},{"reference_url":"https://github.com/nodejs/node/pull/50121","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nodejs/node/pull/50121"},{"reference_url":"https://github.com/openresty/openresty/issues/930","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/openresty/openresty/issues/930"},{"reference_url":"https://github.com/opensearch-project/data-prepper/issues/3474","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/opensearch-project/data-prepper/issues/3474"},{"reference_url":"https://github.com/oqtane/oqtane.framework/discussions/3367","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/oqtane/oqtane.framework/discussions/3367"},{"reference_url":"https://github.com/projectcontour/contour/pull/5826","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/projectcontour/contour/pull/5826"},{"reference_url":"https://github.com/tempesta-tech/tempesta/issues/1986","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/tempesta-tech/tempesta/issues/1986"},{"reference_url":"https://github.com/varnishcache/varnish-cache/issues/3996","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/varnishcache/varnish-cache/issues/3996"},{"reference_url":"https://go.dev/cl/534215","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534215"},{"reference_url":"https://go.dev/cl/534235","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534235"},{"reference_url":"https://go.dev/issue/63417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/63417"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://istio.io/latest/news/security/istio-security-2023-004"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487"},{"reference_url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"},{"reference_url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"},{"reference_url":"https://my.f5.com/manage/s/article/K000137106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://my.f5.com/manage/s/article/K000137106"},{"reference_url":"https://netty.io/news/2023/10/10/4-1-100-Final.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://netty.io/news/2023/10/10/4-1-100-Final.html"},{"reference_url":"https://news.ycombinator.com/item?id=37830987","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830987"},{"reference_url":"https://news.ycombinator.com/item?id=37830998","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830998"},{"reference_url":"https://news.ycombinator.com/item?id=37831062","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37831062"},{"reference_url":"https://news.ycombinator.com/item?id=37837043","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37837043"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response"},{"reference_url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"},{"reference_url":"https://security.gentoo.org/glsa/202311-09","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.gentoo.org/glsa/202311-09"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007"},{"reference_url":"https://security.paloaltonetworks.com/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.paloaltonetworks.com/CVE-2023-44487"},{"reference_url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"},{"reference_url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12"},{"reference_url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94"},{"reference_url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81"},{"reference_url":"https://ubuntu.com/security/CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://ubuntu.com/security/CVE-2023-44487"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"},{"reference_url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"},{"reference_url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"},{"reference_url":"https://www.debian.org/security/2023/dsa-5521","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5521"},{"reference_url":"https://www.debian.org/security/2023/dsa-5522","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5522"},{"reference_url":"https://www.debian.org/security/2023/dsa-5540","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5540"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://www.debian.org/security/2023/dsa-5558","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5558"},{"reference_url":"https://www.debian.org/security/2023/dsa-5570","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5570"},{"reference_url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html"},{"reference_url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday"},{"reference_url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/19/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/19/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/20/8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/20/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/08/13/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/08/13/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769","reference_id":"1053769","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770","reference_id":"1053770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801","reference_id":"1053801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232","reference_id":"1054232","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234","reference_id":"1054234","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156","reference_id":"1056156","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421","reference_id":"1074421","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","reference_id":"2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/","reference_id":"AWS-2023-011","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","reference_id":"BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","reference_id":"CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487/","reference_id":"cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.vespa.ai/cve-2023-44487/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py","reference_id":"CVE-2023-44487","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://security.gentoo.org/glsa/202408-10","reference_id":"GLSA-202408-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-10"},{"reference_url":"https://security.gentoo.org/glsa/202412-14","reference_id":"GLSA-202412-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-14"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/","reference_id":"google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/","reference_id":"how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/","reference_id":"http-2-rapid-reset-attack-impacting-f5-nginx-products","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/","reference_id":"http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/","reference_id":"http2_rapid_reset_zeroday","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004/","reference_id":"istio-security-2023-004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://istio.io/latest/news/security/istio-security-2023-004/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","reference_id":"JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","reference_id":"KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/","reference_id":"linkerd-cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","reference_id":"LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/","reference_id":"netlify-successfully-mitigates-cve-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/","reference_id":"new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001/","reference_id":"ntap-20231016-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007/","reference_id":"ntap-20240426-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007/","reference_id":"ntap-20240621-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007/"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/","reference_id":"rapid-reset-http-2-vulnerablilty","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5009","reference_id":"RHSA-2023:5009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5530","reference_id":"RHSA-2023:5530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5541","reference_id":"RHSA-2023:5541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5542","reference_id":"RHSA-2023:5542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5679","reference_id":"RHSA-2023:5679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5705","reference_id":"RHSA-2023:5705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5706","reference_id":"RHSA-2023:5706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5707","reference_id":"RHSA-2023:5707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5708","reference_id":"RHSA-2023:5708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5709","reference_id":"RHSA-2023:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5710","reference_id":"RHSA-2023:5710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5711","reference_id":"RHSA-2023:5711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5712","reference_id":"RHSA-2023:5712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5713","reference_id":"RHSA-2023:5713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5714","reference_id":"RHSA-2023:5714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5715","reference_id":"RHSA-2023:5715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5716","reference_id":"RHSA-2023:5716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5717","reference_id":"RHSA-2023:5717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5719","reference_id":"RHSA-2023:5719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5720","reference_id":"RHSA-2023:5720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5721","reference_id":"RHSA-2023:5721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5724","reference_id":"RHSA-2023:5724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5738","reference_id":"RHSA-2023:5738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5749","reference_id":"RHSA-2023:5749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5764","reference_id":"RHSA-2023:5764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5765","reference_id":"RHSA-2023:5765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5766","reference_id":"RHSA-2023:5766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5767","reference_id":"RHSA-2023:5767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5768","reference_id":"RHSA-2023:5768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5769","reference_id":"RHSA-2023:5769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5770","reference_id":"RHSA-2023:5770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5780","reference_id":"RHSA-2023:5780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5783","reference_id":"RHSA-2023:5783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5784","reference_id":"RHSA-2023:5784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5801","reference_id":"RHSA-2023:5801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5802","reference_id":"RHSA-2023:5802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5803","reference_id":"RHSA-2023:5803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5805","reference_id":"RHSA-2023:5805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5835","reference_id":"RHSA-2023:5835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5837","reference_id":"RHSA-2023:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5838","reference_id":"RHSA-2023:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5840","reference_id":"RHSA-2023:5840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5841","reference_id":"RHSA-2023:5841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5850","reference_id":"RHSA-2023:5850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5851","reference_id":"RHSA-2023:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5863","reference_id":"RHSA-2023:5863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5864","reference_id":"RHSA-2023:5864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5865","reference_id":"RHSA-2023:5865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5866","reference_id":"RHSA-2023:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5867","reference_id":"RHSA-2023:5867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5896","reference_id":"RHSA-2023:5896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5902","reference_id":"RHSA-2023:5902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5920","reference_id":"RHSA-2023:5920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5922","reference_id":"RHSA-2023:5922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5924","reference_id":"RHSA-2023:5924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5928","reference_id":"RHSA-2023:5928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5929","reference_id":"RHSA-2023:5929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5930","reference_id":"RHSA-2023:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5931","reference_id":"RHSA-2023:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5933","reference_id":"RHSA-2023:5933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5935","reference_id":"RHSA-2023:5935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5945","reference_id":"RHSA-2023:5945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5946","reference_id":"RHSA-2023:5946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5956","reference_id":"RHSA-2023:5956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5965","reference_id":"RHSA-2023:5965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5967","reference_id":"RHSA-2023:5967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5969","reference_id":"RHSA-2023:5969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5970","reference_id":"RHSA-2023:5970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5971","reference_id":"RHSA-2023:5971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5973","reference_id":"RHSA-2023:5973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5974","reference_id":"RHSA-2023:5974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5976","reference_id":"RHSA-2023:5976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5978","reference_id":"RHSA-2023:5978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5979","reference_id":"RHSA-2023:5979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5980","reference_id":"RHSA-2023:5980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5982","reference_id":"RHSA-2023:5982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5989","reference_id":"RHSA-2023:5989","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5989"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6020","reference_id":"RHSA-2023:6020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6021","reference_id":"RHSA-2023:6021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6022","reference_id":"RHSA-2023:6022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6023","reference_id":"RHSA-2023:6023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6030","reference_id":"RHSA-2023:6030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6031","reference_id":"RHSA-2023:6031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6039","reference_id":"RHSA-2023:6039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6040","reference_id":"RHSA-2023:6040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6041","reference_id":"RHSA-2023:6041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6042","reference_id":"RHSA-2023:6042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6048","reference_id":"RHSA-2023:6048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6057","reference_id":"RHSA-2023:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6059","reference_id":"RHSA-2023:6059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6061","reference_id":"RHSA-2023:6061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6077","reference_id":"RHSA-2023:6077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6079","reference_id":"RHSA-2023:6079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6080","reference_id":"RHSA-2023:6080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6084","reference_id":"RHSA-2023:6084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6105","reference_id":"RHSA-2023:6105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6106","reference_id":"RHSA-2023:6106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6114","reference_id":"RHSA-2023:6114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6115","reference_id":"RHSA-2023:6115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6117","reference_id":"RHSA-2023:6117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6118","reference_id":"RHSA-2023:6118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6120","reference_id":"RHSA-2023:6120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6129","reference_id":"RHSA-2023:6129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6137","reference_id":"RHSA-2023:6137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6144","reference_id":"RHSA-2023:6144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6154","reference_id":"RHSA-2023:6154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6161","reference_id":"RHSA-2023:6161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6165","reference_id":"RHSA-2023:6165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6179","reference_id":"RHSA-2023:6179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6217","reference_id":"RHSA-2023:6217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6233","reference_id":"RHSA-2023:6233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6235","reference_id":"RHSA-2023:6235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6239","reference_id":"RHSA-2023:6239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6248","reference_id":"RHSA-2023:6248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6251","reference_id":"RHSA-2023:6251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6269","reference_id":"RHSA-2023:6269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6272","reference_id":"RHSA-2023:6272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6280","reference_id":"RHSA-2023:6280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6286","reference_id":"RHSA-2023:6286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6296","reference_id":"RHSA-2023:6296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6298","reference_id":"RHSA-2023:6298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6305","reference_id":"RHSA-2023:6305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6746","reference_id":"RHSA-2023:6746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6779","reference_id":"RHSA-2023:6779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6781","reference_id":"RHSA-2023:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6782","reference_id":"RHSA-2023:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6783","reference_id":"RHSA-2023:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6784","reference_id":"RHSA-2023:6784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6785","reference_id":"RHSA-2023:6785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6786","reference_id":"RHSA-2023:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6787","reference_id":"RHSA-2023:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6788","reference_id":"RHSA-2023:6788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6817","reference_id":"RHSA-2023:6817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6836","reference_id":"RHSA-2023:6836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6837","reference_id":"RHSA-2023:6837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6839","reference_id":"RHSA-2023:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6840","reference_id":"RHSA-2023:6840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7215","reference_id":"RHSA-2023:7215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7218","reference_id":"RHSA-2023:7218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7288","reference_id":"RHSA-2023:7288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7315","reference_id":"RHSA-2023:7315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7325","reference_id":"RHSA-2023:7325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7334","reference_id":"RHSA-2023:7334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7335","reference_id":"RHSA-2023:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7344","reference_id":"RHSA-2023:7344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7345","reference_id":"RHSA-2023:7345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7481","reference_id":"RHSA-2023:7481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7482","reference_id":"RHSA-2023:7482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7483","reference_id":"RHSA-2023:7483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7484","reference_id":"RHSA-2023:7484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7486","reference_id":"RHSA-2023:7486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7488","reference_id":"RHSA-2023:7488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7521","reference_id":"RHSA-2023:7521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7522","reference_id":"RHSA-2023:7522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7555","reference_id":"RHSA-2023:7555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7587","reference_id":"RHSA-2023:7587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7610","reference_id":"RHSA-2023:7610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7682","reference_id":"RHSA-2023:7682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7687","reference_id":"RHSA-2023:7687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7699","reference_id":"RHSA-2023:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7703","reference_id":"RHSA-2023:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7704","reference_id":"RHSA-2023:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7741","reference_id":"RHSA-2023:7741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0269","reference_id":"RHSA-2024:0269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0302","reference_id":"RHSA-2024:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0777","reference_id":"RHSA-2024:0777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1444","reference_id":"RHSA-2024:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1770","reference_id":"RHSA-2024:1770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2633","reference_id":"RHSA-2024:2633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4631","reference_id":"RHSA-2024:4631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16668","reference_id":"RHSA-2025:16668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23528","reference_id":"RHSA-2025:23528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23529","reference_id":"RHSA-2025:23529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0722","reference_id":"RHSA-2026:0722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0722"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/","reference_id":"technical-breakdown-http2-rapid-reset-ddos-attack","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"},{"reference_url":"https://usn.ubuntu.com/6427-1/","reference_id":"USN-6427-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-1/"},{"reference_url":"https://usn.ubuntu.com/6427-2/","reference_id":"USN-6427-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-2/"},{"reference_url":"https://usn.ubuntu.com/6438-1/","reference_id":"USN-6438-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6438-1/"},{"reference_url":"https://usn.ubuntu.com/6505-1/","reference_id":"USN-6505-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6505-1/"},{"reference_url":"https://usn.ubuntu.com/6574-1/","reference_id":"USN-6574-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6574-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"},{"reference_url":"https://usn.ubuntu.com/6994-1/","reference_id":"USN-6994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6994-1/"},{"reference_url":"https://usn.ubuntu.com/7067-1/","reference_id":"USN-7067-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7067-1/"},{"reference_url":"https://usn.ubuntu.com/7410-1/","reference_id":"USN-7410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7410-1/"},{"reference_url":"https://usn.ubuntu.com/7469-1/","reference_id":"USN-7469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-1/"},{"reference_url":"https://usn.ubuntu.com/7469-2/","reference_id":"USN-7469-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-2/"},{"reference_url":"https://usn.ubuntu.com/7469-3/","reference_id":"USN-7469-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-3/"},{"reference_url":"https://usn.ubuntu.com/7469-4/","reference_id":"USN-7469-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-4/"},{"reference_url":"https://usn.ubuntu.com/7892-1/","reference_id":"USN-7892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7892-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","reference_id":"VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","reference_id":"WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","reference_id":"WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","reference_id":"XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","reference_id":"ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/","reference_id":"zero-day-rapid-reset-http2-record-breaking-ddos-attack","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","reference_id":"ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354120?format=json","purl":"pkg:deb/debian/nginx@1.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2023-44487","GHSA-qppj-fm5r-hxr3","VSV00013"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvpj-4273-4khg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4848?format=json","vulnerability_id":"VCID-xsdq-5m4c-mqcs","summary":"nginx: ngx_http_rewrite_module: code execution and denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-9256","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38908","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-9256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9256"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339","reference_id":"1137339","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137339"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480746","reference_id":"2480746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480746"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9256","reference_id":"CVE-2026-9256","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9256"},{"reference_url":"https://my.f5.com/manage/s/article/K000161377","reference_id":"K000161377","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:50:29Z/"}],"url":"https://my.f5.com/manage/s/article/K000161377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20351","reference_id":"RHSA-2026:20351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20351"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-9256"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsdq-5m4c-mqcs"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81413?format=json","vulnerability_id":"VCID-1qja-a3mm-4fd2","summary":"Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2089","reference_id":"","reference_type":"","scores":[{"value":"0.05317","scoring_system":"epss","scoring_elements":"0.90181","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html"},{"reference_url":"https://nginx.org/download/patch.2012.mp4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2012.mp4.txt"},{"reference_url":"https://nginx.org/download/patch.2012.mp4.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2012.mp4.txt.asc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2089","reference_id":"CVE-2012-2089","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2089"},{"reference_url":"https://security.gentoo.org/glsa/201206-07","reference_id":"GLSA-201206-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354097?format=json","purl":"pkg:deb/debian/nginx@1.1.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2012-2089"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qja-a3mm-4fd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53109?format=json","vulnerability_id":"VCID-2rxm-wpjd-dycf","summary":"HTTP/2: flood using PRIORITY frames results in excessive resource consumption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9513","reference_id":"","reference_type":"","scores":[{"value":"0.06587","scoring_system":"epss","scoring_elements":"0.91305","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735741","reference_id":"1735741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1735741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037","reference_id":"935037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037"},{"reference_url":"https://security.archlinux.org/ASA-201908-12","reference_id":"ASA-201908-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-12"},{"reference_url":"https://security.archlinux.org/ASA-201908-13","reference_id":"ASA-201908-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-13"},{"reference_url":"https://security.archlinux.org/ASA-201908-17","reference_id":"ASA-201908-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-17"},{"reference_url":"https://security.archlinux.org/AVG-1022","reference_id":"AVG-1022","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1022"},{"reference_url":"https://security.archlinux.org/AVG-1023","reference_id":"AVG-1023","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1023"},{"reference_url":"https://security.archlinux.org/AVG-1024","reference_id":"AVG-1024","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1024"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9513","reference_id":"CVE-2019-9513","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2692","reference_id":"RHSA-2019:2692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2745","reference_id":"RHSA-2019:2745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2746","reference_id":"RHSA-2019:2746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2775","reference_id":"RHSA-2019:2775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2799","reference_id":"RHSA-2019:2799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2949","reference_id":"RHSA-2019:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"RHSA-2019:2966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3041","reference_id":"RHSA-2019:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://usn.ubuntu.com/4099-1/","reference_id":"USN-4099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4099-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354112?format=json","purl":"pkg:deb/debian/nginx@1.14.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9513"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rxm-wpjd-dycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40841?format=json","vulnerability_id":"VCID-3912-phtr-jkhc","summary":"nginx: Memory corruption in the ngx_http_mp4_module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41741","reference_id":"","reference_type":"","scores":[{"value":"0.00851","scoring_system":"epss","scoring_elements":"0.75198","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html"},{"reference_url":"https://nginx.org/download/patch.2022.mp4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2022.mp4.txt"},{"reference_url":"https://nginx.org/download/patch.2022.mp4.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2022.mp4.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141495","reference_id":"2141495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141495"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/","reference_id":"BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41741","reference_id":"CVE-2022-41741","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41741"},{"reference_url":"https://www.debian.org/security/2022/dsa-5281","reference_id":"dsa-5281","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://www.debian.org/security/2022/dsa-5281"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/","reference_id":"FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"},{"reference_url":"https://support.f5.com/csp/article/K81926432","reference_id":"K81926432","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://support.f5.com/csp/article/K81926432"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html","reference_id":"msg00031.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230120-0005/","reference_id":"ntap-20230120-0005","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230120-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7402","reference_id":"RHSA-2025:7402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7546","reference_id":"RHSA-2025:7546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7619","reference_id":"RHSA-2025:7619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7619"},{"reference_url":"https://usn.ubuntu.com/5722-1/","reference_id":"USN-5722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5722-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/","reference_id":"WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354119?format=json","purl":"pkg:deb/debian/nginx@1.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2022-41741"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3912-phtr-jkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18992?format=json","vulnerability_id":"VCID-3b34-tqxp-h7h5","summary":"nginx: NGINX ngx_mail_smtp_module vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53859","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09485","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138","reference_id":"1111138","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388238","reference_id":"2388238","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388238"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-53859","reference_id":"CVE-2025-53859","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-53859"},{"reference_url":"https://my.f5.com/manage/s/article/K000152786","reference_id":"K000152786","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T15:06:23Z/"}],"url":"https://my.f5.com/manage/s/article/K000152786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/7715-1/","reference_id":"USN-7715-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7715-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354127?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354130?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354129?format=json","purl":"pkg:deb/debian/nginx@1.28.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2025-53859"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3b34-tqxp-h7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5040?format=json","vulnerability_id":"VCID-422n-2b44-mbh2","summary":"nginx: ngx_http_scgi_module: ngx_http_uwsgi_module: information disclosure and denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42946","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21561","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477132","reference_id":"2477132","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477132"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42946","reference_id":"CVE-2026-42946","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42946"},{"reference_url":"https://my.f5.com/manage/s/article/K000161027","reference_id":"K000161027","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:04Z/"}],"url":"https://my.f5.com/manage/s/article/K000161027"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354138?format=json","purl":"pkg:deb/debian/nginx@1.30.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-42946"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-422n-2b44-mbh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68964?format=json","vulnerability_id":"VCID-4c4d-khz9-uuar","summary":"nginx: possible arbitrary code execution via SPDY implementation in 1.5.10","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0088","reference_id":"","reference_type":"","scores":[{"value":"0.02713","scoring_system":"epss","scoring_elements":"0.86162","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0088"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html"},{"reference_url":"https://nginx.org/download/patch.2014.spdy.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.spdy.txt"},{"reference_url":"https://nginx.org/download/patch.2014.spdy.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.spdy.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072546","reference_id":"1072546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072546"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0088","reference_id":"CVE-2014-0088","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0088"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2014-0088"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4c4d-khz9-uuar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31692?format=json","vulnerability_id":"VCID-4ya2-ngub-jyhz","summary":"nginx: undisclosed HTTP/3 requests can cause NGINX worker processes to terminate","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35200","reference_id":"","reference_type":"","scores":[{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63722","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35200"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283919","reference_id":"2283919","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283919"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35200","reference_id":"CVE-2024-35200","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35200"},{"reference_url":"https://my.f5.com/manage/s/article/K000139612","reference_id":"K000139612","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/"}],"url":"https://my.f5.com/manage/s/article/K000139612"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/","reference_id":"MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/","reference_id":"R7RPLWC35WHEUFCGKNFG62ESNID25TEZ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354122?format=json","purl":"pkg:deb/debian/nginx@1.26.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-35200"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ya2-ngub-jyhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81276?format=json","vulnerability_id":"VCID-5f4n-9p67-j3h2","summary":"Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4315","reference_id":"","reference_type":"","scores":[{"value":"0.02811","scoring_system":"epss","scoring_elements":"0.86379","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4315","reference_id":"CVE-2011-4315","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4315"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354094?format=json","purl":"pkg:deb/debian/nginx@1.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2011-4315"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f4n-9p67-j3h2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10628?format=json","vulnerability_id":"VCID-5kgu-8trw-zufv","summary":"nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1642","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06124","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053","reference_id":"1127053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436738","reference_id":"2436738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436738"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1642","reference_id":"CVE-2026-1642","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1642"},{"reference_url":"https://my.f5.com/manage/s/article/K000159824","reference_id":"K000159824","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T16:01:47Z/"}],"url":"https://my.f5.com/manage/s/article/K000159824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3638","reference_id":"RHSA-2026:3638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4235","reference_id":"RHSA-2026:4235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4501","reference_id":"RHSA-2026:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4705","reference_id":"RHSA-2026:4705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5581","reference_id":"RHSA-2026:5581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5599","reference_id":"RHSA-2026:5599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6182","reference_id":"RHSA-2026:6182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6234","reference_id":"RHSA-2026:6234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6235","reference_id":"RHSA-2026:6235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6302","reference_id":"RHSA-2026:6302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6311","reference_id":"RHSA-2026:6311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6407","reference_id":"RHSA-2026:6407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6408","reference_id":"RHSA-2026:6408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6427","reference_id":"RHSA-2026:6427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8038-1/","reference_id":"USN-8038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8038-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354131?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354133?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354132?format=json","purl":"pkg:deb/debian/nginx@1.28.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-1642"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kgu-8trw-zufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83845?format=json","vulnerability_id":"VCID-6dd2-h79e-hufk","summary":"ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36309","reference_id":"","reference_type":"","scores":[{"value":"0.00423","scoring_system":"epss","scoring_elements":"0.62357","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787","reference_id":"986787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787"},{"reference_url":"https://usn.ubuntu.com/5371-1/","reference_id":"USN-5371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354115?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354114?format=json","purl":"pkg:deb/debian/nginx@1.22.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2020-36309"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6dd2-h79e-hufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55252?format=json","vulnerability_id":"VCID-6fh8-bb7y-fyar","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16843","reference_id":"","reference_type":"","scores":[{"value":"0.58348","scoring_system":"epss","scoring_elements":"0.98228","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644511","reference_id":"1644511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644511"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090","reference_id":"913090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16843","reference_id":"CVE-2018-16843","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3653","reference_id":"RHSA-2018:3653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3680","reference_id":"RHSA-2018:3680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3681","reference_id":"RHSA-2018:3681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3681"},{"reference_url":"https://usn.ubuntu.com/3812-1/","reference_id":"USN-3812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354110?format=json","purl":"pkg:deb/debian/nginx@1.14.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2018-16843"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fh8-bb7y-fyar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81322?format=json","vulnerability_id":"VCID-6h5f-vdnv-tyee","summary":"nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4968","reference_id":"","reference_type":"","scores":[{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60369","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940","reference_id":"697940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354095?format=json","purl":"pkg:deb/debian/nginx@1.9.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2011-4968"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h5f-vdnv-tyee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66052?format=json","vulnerability_id":"VCID-6qb2-p5tc-hfg3","summary":"nginx: use-after-free during CNAME response processing in resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0746","reference_id":"","reference_type":"","scores":[{"value":"0.06343","scoring_system":"epss","scoring_elements":"0.91122","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302588","reference_id":"1302588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302588"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806","reference_id":"812806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0746","reference_id":"CVE-2016-0746","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0746"},{"reference_url":"https://security.gentoo.org/glsa/201606-06","reference_id":"GLSA-201606-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1425","reference_id":"RHSA-2016:1425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1425"},{"reference_url":"https://usn.ubuntu.com/2892-1/","reference_id":"USN-2892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2892-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354105?format=json","purl":"pkg:deb/debian/nginx@1.9.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2016-0746"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qb2-p5tc-hfg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31693?format=json","vulnerability_id":"VCID-7g3p-v1am-nqfd","summary":"nginx: undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34161","reference_id":"","reference_type":"","scores":[{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73214","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34161"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283926","reference_id":"2283926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283926"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34161","reference_id":"CVE-2024-34161","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34161"},{"reference_url":"https://my.f5.com/manage/s/article/K000139627","reference_id":"K000139627","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/"}],"url":"https://my.f5.com/manage/s/article/K000139627"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/","reference_id":"MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/","reference_id":"R7RPLWC35WHEUFCGKNFG62ESNID25TEZ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354122?format=json","purl":"pkg:deb/debian/nginx@1.26.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-34161"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7g3p-v1am-nqfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55270?format=json","vulnerability_id":"VCID-7rb6-bdgt-z3aj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7529","reference_id":"","reference_type":"","scores":[{"value":"0.91959","scoring_system":"epss","scoring_elements":"0.99712","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html"},{"reference_url":"https://nginx.org/download/patch.2017.ranges.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2017.ranges.txt"},{"reference_url":"https://nginx.org/download/patch.2017.ranges.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2017.ranges.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1468584","reference_id":"1468584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1468584"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109","reference_id":"868109","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109"},{"reference_url":"https://security.archlinux.org/ASA-201707-11","reference_id":"ASA-201707-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-11"},{"reference_url":"https://security.archlinux.org/ASA-201707-12","reference_id":"ASA-201707-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-12"},{"reference_url":"https://security.archlinux.org/AVG-345","reference_id":"AVG-345","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-345"},{"reference_url":"https://security.archlinux.org/AVG-346","reference_id":"AVG-346","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-346"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7529","reference_id":"CVE-2017-7529","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2538","reference_id":"RHSA-2017:2538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2538"},{"reference_url":"https://usn.ubuntu.com/3352-1/","reference_id":"USN-3352-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3352-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354109?format=json","purl":"pkg:deb/debian/nginx@1.13.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.13.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2017-7529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7rb6-bdgt-z3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80852?format=json","vulnerability_id":"VCID-8h8y-hxmb-qqby","summary":"Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3898","reference_id":"","reference_type":"","scores":[{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78114","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389","reference_id":"557389","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3898","reference_id":"CVE-2009-3898","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3898"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt","reference_id":"CVE-2009-3898;OSVDB-58328","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354092?format=json","purl":"pkg:deb/debian/nginx@0.7.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2009-3898"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8h8y-hxmb-qqby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31695?format=json","vulnerability_id":"VCID-8znq-g5bj-kqem","summary":"nginx: undisclosed HTTP/3 requests can cause NGINX worker processes to terminate","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31079","reference_id":"","reference_type":"","scores":[{"value":"0.00832","scoring_system":"epss","scoring_elements":"0.74888","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283940","reference_id":"2283940","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283940"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31079","reference_id":"CVE-2024-31079","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31079"},{"reference_url":"https://my.f5.com/manage/s/article/K000139611","reference_id":"K000139611","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/"}],"url":"https://my.f5.com/manage/s/article/K000139611"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/","reference_id":"MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/","reference_id":"R7RPLWC35WHEUFCGKNFG62ESNID25TEZ","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354122?format=json","purl":"pkg:deb/debian/nginx@1.26.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-31079"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8znq-g5bj-kqem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40842?format=json","vulnerability_id":"VCID-ah6q-srk2-rbdp","summary":"nginx: Memory disclosure in the ngx_http_mp4_module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41742","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25183","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html"},{"reference_url":"https://nginx.org/download/patch.2022.mp4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2022.mp4.txt"},{"reference_url":"https://nginx.org/download/patch.2022.mp4.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2022.mp4.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141496","reference_id":"2141496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141496"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/","reference_id":"BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41742","reference_id":"CVE-2022-41742","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41742"},{"reference_url":"https://www.debian.org/security/2022/dsa-5281","reference_id":"dsa-5281","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://www.debian.org/security/2022/dsa-5281"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/","reference_id":"FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"},{"reference_url":"https://support.f5.com/csp/article/K28112382","reference_id":"K28112382","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://support.f5.com/csp/article/K28112382"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html","reference_id":"msg00031.html","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230120-0005/","reference_id":"ntap-20230120-0005","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230120-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7402","reference_id":"RHSA-2025:7402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7546","reference_id":"RHSA-2025:7546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7619","reference_id":"RHSA-2025:7619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7619"},{"reference_url":"https://usn.ubuntu.com/5722-1/","reference_id":"USN-5722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5722-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/","reference_id":"WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354119?format=json","purl":"pkg:deb/debian/nginx@1.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2022-41742"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ah6q-srk2-rbdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71184?format=json","vulnerability_id":"VCID-amjj-a28c-cyep","summary":"restriction bypass","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4547","reference_id":"","reference_type":"","scores":[{"value":"0.90921","scoring_system":"epss","scoring_elements":"0.99645","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html"},{"reference_url":"https://nginx.org/download/patch.2013.space.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.space.txt"},{"reference_url":"https://nginx.org/download/patch.2013.space.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.space.txt.asc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012","reference_id":"730012","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4547","reference_id":"CVE-2013-4547","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4547"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt","reference_id":"CVE-2013-4547;OSVDB-100015","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt"},{"reference_url":"https://www.securityfocus.com/bid/63814/info","reference_id":"CVE-2013-4547;OSVDB-100015","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/63814/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354101?format=json","purl":"pkg:deb/debian/nginx@1.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4547"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-amjj-a28c-cyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5038?format=json","vulnerability_id":"VCID-b3hy-gnzn-f3af","summary":"nginx: NGINX: Authorization bypass via IP spoofing in HTTP/3 QUIC module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40460.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40460","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08244","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477113","reference_id":"2477113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477113"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40460","reference_id":"CVE-2026-40460","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40460"},{"reference_url":"https://my.f5.com/manage/s/article/K000161068","reference_id":"K000161068","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:54:59Z/"}],"url":"https://my.f5.com/manage/s/article/K000161068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20351","reference_id":"RHSA-2026:20351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20351"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354139?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354138?format=json","purl":"pkg:deb/debian/nginx@1.30.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-40460"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3hy-gnzn-f3af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62673?format=json","vulnerability_id":"VCID-b7te-3dd4-8qfp","summary":"nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-20005","reference_id":"","reference_type":"","scores":[{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87342","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-20005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005"},{"reference_url":"https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf","reference_id":"0206ebe76f748bb39d9de4dd4b3fce777fdfdccf","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf"},{"reference_url":"https://trac.nginx.org/nginx/ticket/1368","reference_id":"1368","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"https://trac.nginx.org/nginx/ticket/1368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1974192","reference_id":"1974192","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1974192"},{"reference_url":"https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b","reference_id":"b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b"},{"reference_url":"http://nginx.org/en/CHANGES","reference_id":"CHANGES","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"http://nginx.org/en/CHANGES"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html","reference_id":"msg00009.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210805-0006/","reference_id":"ntap-20210805-0006","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210805-0006/"},{"reference_url":"https://usn.ubuntu.com/5109-1/","reference_id":"USN-5109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354108?format=json","purl":"pkg:deb/debian/nginx@1.13.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.13.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2017-20005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7te-3dd4-8qfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87101?format=json","vulnerability_id":"VCID-bbhz-4dn6-a7e9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2028","reference_id":"","reference_type":"","scores":[{"value":"0.93039","scoring_system":"epss","scoring_elements":"0.99792","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2028"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html"},{"reference_url":"https://nginx.org/download/patch.2013.chunked.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.chunked.txt"},{"reference_url":"https://nginx.org/download/patch.2013.chunked.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.chunked.txt.asc"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt","reference_id":"CVE-2013-2028","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2028","reference_id":"CVE-2013-2028","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2028"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py","reference_id":"CVE-2013-2028;OSVDB-93037","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb","reference_id":"CVE-2013-2028;OSVDB-93037","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl","reference_id":"CVE-2013-2028;OSVDB-93037","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl"},{"reference_url":"https://security.gentoo.org/glsa/201310-04","reference_id":"GLSA-201310-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2013-2028"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbhz-4dn6-a7e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35329?format=json","vulnerability_id":"VCID-bhch-r7x4-m3ff","summary":"nginx: NULL pointer dereference in HTTP/3","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24989","reference_id":"","reference_type":"","scores":[{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74867","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264290","reference_id":"2264290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264290"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24989","reference_id":"CVE-2024-24989","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24989"},{"reference_url":"https://security.gentoo.org/glsa/202409-32","reference_id":"GLSA-202409-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-32"},{"reference_url":"https://my.f5.com/manage/s/article/K000138444","reference_id":"K000138444","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/"}],"url":"https://my.f5.com/manage/s/article/K000138444"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354121?format=json","purl":"pkg:deb/debian/nginx@1.26.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-24989"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhch-r7x4-m3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68926?format=json","vulnerability_id":"VCID-cm9w-3e85-byaz","summary":"nginx: heap-based buffer overflow in SPDY implementation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0133","reference_id":"","reference_type":"","scores":[{"value":"0.17816","scoring_system":"epss","scoring_elements":"0.95241","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html"},{"reference_url":"https://nginx.org/download/patch.2014.spdy2.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.spdy2.txt"},{"reference_url":"https://nginx.org/download/patch.2014.spdy2.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.spdy2.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077988","reference_id":"1077988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077988"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059","reference_id":"742059","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0133","reference_id":"CVE-2014-0133","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0133"},{"reference_url":"https://security.gentoo.org/glsa/201406-20","reference_id":"GLSA-201406-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-20"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354102?format=json","purl":"pkg:deb/debian/nginx@1.4.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2014-0133"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm9w-3e85-byaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66051?format=json","vulnerability_id":"VCID-crp5-6dhb-2uh7","summary":"nginx: invalid pointer dereference in resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0742","reference_id":"","reference_type":"","scores":[{"value":"0.78788","scoring_system":"epss","scoring_elements":"0.9907","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302587","reference_id":"1302587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302587"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806","reference_id":"812806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0742","reference_id":"CVE-2016-0742","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0742"},{"reference_url":"https://security.gentoo.org/glsa/201606-06","reference_id":"GLSA-201606-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1425","reference_id":"RHSA-2016:1425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1425"},{"reference_url":"https://usn.ubuntu.com/2892-1/","reference_id":"USN-2892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2892-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354105?format=json","purl":"pkg:deb/debian/nginx@1.9.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2016-0742"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-crp5-6dhb-2uh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7424?format=json","vulnerability_id":"VCID-cxs8-z482-ufht","summary":"nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32647","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06833","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449598","reference_id":"2449598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449598"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32647","reference_id":"CVE-2026-32647","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32647"},{"reference_url":"https://my.f5.com/manage/s/article/K000160366","reference_id":"K000160366","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:51:04Z/"}],"url":"https://my.f5.com/manage/s/article/K000160366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13634","reference_id":"RHSA-2026:13634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13680","reference_id":"RHSA-2026:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13839","reference_id":"RHSA-2026:13839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14836","reference_id":"RHSA-2026:14836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15942","reference_id":"RHSA-2026:15942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15943","reference_id":"RHSA-2026:15943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15945","reference_id":"RHSA-2026:15945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15966","reference_id":"RHSA-2026:15966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6906","reference_id":"RHSA-2026:6906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6907","reference_id":"RHSA-2026:6907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6923","reference_id":"RHSA-2026:6923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7002","reference_id":"RHSA-2026:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7343","reference_id":"RHSA-2026:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354134?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354136?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354135?format=json","purl":"pkg:deb/debian/nginx@1.28.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-32647"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxs8-z482-ufht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50782?format=json","vulnerability_id":"VCID-cz65-u8z7-mbc3","summary":"nginx: HTTP request smuggling in configurations with URL redirect used as error_page","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20372","reference_id":"","reference_type":"","scores":[{"value":"0.69569","scoring_system":"epss","scoring_elements":"0.98677","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790277","reference_id":"1790277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579","reference_id":"948579","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2817","reference_id":"RHSA-2020:2817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5495","reference_id":"RHSA-2020:5495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0778","reference_id":"RHSA-2021:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0779","reference_id":"RHSA-2021:0779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0779"},{"reference_url":"https://usn.ubuntu.com/4235-1/","reference_id":"USN-4235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4235-1/"},{"reference_url":"https://usn.ubuntu.com/4235-2/","reference_id":"USN-4235-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4235-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354111?format=json","purl":"pkg:deb/debian/nginx@1.16.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.16.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2019-20372"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz65-u8z7-mbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22866?format=json","vulnerability_id":"VCID-d2dq-z15z-rkha","summary":"lua-nginx-module: HTTP request smuggling via a crafted HEAD request","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33452","reference_id":"","reference_type":"","scores":[{"value":"0.0129","scoring_system":"epss","scoring_elements":"0.79973","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361691","reference_id":"2361691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361691"},{"reference_url":"https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/","reference_id":"OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T19:26:16Z/"}],"url":"https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354115?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354114?format=json","purl":"pkg:deb/debian/nginx@1.22.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-33452"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d2dq-z15z-rkha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5039?format=json","vulnerability_id":"VCID-dfzv-bqb6-xkgp","summary":"nginx: ngx_http_charset_module: information disclosure and denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42934","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13942","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477066","reference_id":"2477066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477066"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42934","reference_id":"CVE-2026-42934","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42934"},{"reference_url":"https://my.f5.com/manage/s/article/K000161028","reference_id":"K000161028","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:18Z/"}],"url":"https://my.f5.com/manage/s/article/K000161028"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354140?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354139?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354138?format=json","purl":"pkg:deb/debian/nginx@1.30.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-42934"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfzv-bqb6-xkgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81390?format=json","vulnerability_id":"VCID-dvnw-kcqg-mbda","summary":"Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1180","reference_id":"","reference_type":"","scores":[{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86944","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html"},{"reference_url":"https://nginx.org/download/patch.2012.memory.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2012.memory.txt"},{"reference_url":"https://nginx.org/download/patch.2012.memory.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2012.memory.txt.asc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137","reference_id":"664137","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1180","reference_id":"CVE-2012-1180","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1180"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354096?format=json","purl":"pkg:deb/debian/nginx@1.1.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2012-1180"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvnw-kcqg-mbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35331?format=json","vulnerability_id":"VCID-eavm-twzr-ayee","summary":"nginx: Use-after-free in HTTP/3","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24990","reference_id":"","reference_type":"","scores":[{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54769","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24990"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html","reference_id":"","reference_type":"","scores":[],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264298","reference_id":"2264298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264298"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24990","reference_id":"CVE-2024-24990","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24990"},{"reference_url":"https://security.gentoo.org/glsa/202409-32","reference_id":"GLSA-202409-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-32"},{"reference_url":"https://my.f5.com/manage/s/article/K000138445","reference_id":"K000138445","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/"}],"url":"https://my.f5.com/manage/s/article/K000138445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354121?format=json","purl":"pkg:deb/debian/nginx@1.26.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-24990"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eavm-twzr-ayee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45202?format=json","vulnerability_id":"VCID-ey81-19f3-8udc","summary":"ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3618","reference_id":"","reference_type":"","scores":[{"value":"0.00615","scoring_system":"epss","scoring_elements":"0.70231","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975623","reference_id":"1975623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975623"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328","reference_id":"991328","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329","reference_id":"991329","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331","reference_id":"991331","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331"},{"reference_url":"https://security.archlinux.org/AVG-2101","reference_id":"AVG-2101","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2101"},{"reference_url":"https://security.archlinux.org/AVG-2102","reference_id":"AVG-2102","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2102"},{"reference_url":"https://security.archlinux.org/AVG-2103","reference_id":"AVG-2103","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2103"},{"reference_url":"https://usn.ubuntu.com/5371-1/","reference_id":"USN-5371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-1/"},{"reference_url":"https://usn.ubuntu.com/5371-2/","reference_id":"USN-5371-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-2/"},{"reference_url":"https://usn.ubuntu.com/6379-1/","reference_id":"USN-6379-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6379-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354118?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354117?format=json","purl":"pkg:deb/debian/nginx@1.20.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.20.2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2021-3618"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ey81-19f3-8udc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31694?format=json","vulnerability_id":"VCID-f58h-gnzp-ryft","summary":"nginx: undisclosed HTTP/3 encoder instructions terminate or cause or other potential impact","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32760","reference_id":"","reference_type":"","scores":[{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.66113","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283933","reference_id":"2283933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283933"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/30/4","reference_id":"4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/30/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32760","reference_id":"CVE-2024-32760","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32760"},{"reference_url":"https://my.f5.com/manage/s/article/K000139609","reference_id":"K000139609","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/"}],"url":"https://my.f5.com/manage/s/article/K000139609"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/","reference_id":"MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/","reference_id":"R7RPLWC35WHEUFCGKNFG62ESNID25TEZ","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354122?format=json","purl":"pkg:deb/debian/nginx@1.26.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-32760"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f58h-gnzp-ryft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45262?format=json","vulnerability_id":"VCID-f9vr-hcz9-j7fk","summary":"nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23017","reference_id":"","reference_type":"","scores":[{"value":"0.73544","scoring_system":"epss","scoring_elements":"0.98829","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html"},{"reference_url":"https://nginx.org/download/patch.2021.resolver.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2021.resolver.txt"},{"reference_url":"https://nginx.org/download/patch.2021.resolver.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2021.resolver.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963121","reference_id":"1963121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963121"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095","reference_id":"989095","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095"},{"reference_url":"https://security.archlinux.org/ASA-202106-36","reference_id":"ASA-202106-36","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-36"},{"reference_url":"https://security.archlinux.org/ASA-202106-48","reference_id":"ASA-202106-48","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-48"},{"reference_url":"https://security.archlinux.org/AVG-1987","reference_id":"AVG-1987","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1987"},{"reference_url":"https://security.archlinux.org/AVG-1988","reference_id":"AVG-1988","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1988"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py","reference_id":"CVE-2021-23017","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23017","reference_id":"CVE-2021-23017","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23017"},{"reference_url":"https://security.gentoo.org/glsa/202105-38","reference_id":"GLSA-202105-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2258","reference_id":"RHSA-2021:2258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2259","reference_id":"RHSA-2021:2259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2278","reference_id":"RHSA-2021:2278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2290","reference_id":"RHSA-2021:2290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3653","reference_id":"RHSA-2021:3653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3851","reference_id":"RHSA-2021:3851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3925","reference_id":"RHSA-2021:3925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0323","reference_id":"RHSA-2022:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0323"},{"reference_url":"https://usn.ubuntu.com/4967-1/","reference_id":"USN-4967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4967-1/"},{"reference_url":"https://usn.ubuntu.com/4967-2/","reference_id":"USN-4967-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4967-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354116?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2021-23017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9vr-hcz9-j7fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79410?format=json","vulnerability_id":"VCID-fgkh-yy5u-8ydf","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11724","reference_id":"","reference_type":"","scores":[{"value":"0.02474","scoring_system":"epss","scoring_elements":"0.85521","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950","reference_id":"964950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950"},{"reference_url":"https://usn.ubuntu.com/5371-1/","reference_id":"USN-5371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-1/"},{"reference_url":"https://usn.ubuntu.com/5371-3/","reference_id":"USN-5371-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354113?format=json","purl":"pkg:deb/debian/nginx@1.18.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2020-11724"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgkh-yy5u-8ydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7441?format=json","vulnerability_id":"VCID-fpta-dc5f-pkct","summary":"NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27784","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02947","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450785","reference_id":"2450785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450785"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27784","reference_id":"CVE-2026-27784","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27784"},{"reference_url":"https://my.f5.com/manage/s/article/K000160364","reference_id":"K000160364","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:53Z/"}],"url":"https://my.f5.com/manage/s/article/K000160364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13634","reference_id":"RHSA-2026:13634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13680","reference_id":"RHSA-2026:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13839","reference_id":"RHSA-2026:13839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14836","reference_id":"RHSA-2026:14836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15942","reference_id":"RHSA-2026:15942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15943","reference_id":"RHSA-2026:15943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15945","reference_id":"RHSA-2026:15945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15966","reference_id":"RHSA-2026:15966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6906","reference_id":"RHSA-2026:6906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6907","reference_id":"RHSA-2026:6907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6923","reference_id":"RHSA-2026:6923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7002","reference_id":"RHSA-2026:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7343","reference_id":"RHSA-2026:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354134?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354136?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354135?format=json","purl":"pkg:deb/debian/nginx@1.28.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-27784"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpta-dc5f-pkct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53229?format=json","vulnerability_id":"VCID-g8ws-pmea-9kbb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9511","reference_id":"","reference_type":"","scores":[{"value":"0.13725","scoring_system":"epss","scoring_elements":"0.94383","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741860","reference_id":"1741860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741860"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885","reference_id":"934885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037","reference_id":"935037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037"},{"reference_url":"https://security.archlinux.org/ASA-201908-12","reference_id":"ASA-201908-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-12"},{"reference_url":"https://security.archlinux.org/ASA-201908-13","reference_id":"ASA-201908-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-13"},{"reference_url":"https://security.archlinux.org/ASA-201908-17","reference_id":"ASA-201908-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-17"},{"reference_url":"https://security.archlinux.org/AVG-1022","reference_id":"AVG-1022","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1022"},{"reference_url":"https://security.archlinux.org/AVG-1023","reference_id":"AVG-1023","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1023"},{"reference_url":"https://security.archlinux.org/AVG-1024","reference_id":"AVG-1024","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1024"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9511","reference_id":"CVE-2019-9511","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2692","reference_id":"RHSA-2019:2692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2745","reference_id":"RHSA-2019:2745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2746","reference_id":"RHSA-2019:2746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2775","reference_id":"RHSA-2019:2775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2799","reference_id":"RHSA-2019:2799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2949","reference_id":"RHSA-2019:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"RHSA-2019:2966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3041","reference_id":"RHSA-2019:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4018","reference_id":"RHSA-2019:4018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4019","reference_id":"RHSA-2019:4019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4020","reference_id":"RHSA-2019:4020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4021","reference_id":"RHSA-2019:4021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2067","reference_id":"RHSA-2020:2067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2565","reference_id":"RHSA-2020:2565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3192","reference_id":"RHSA-2020:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5856","reference_id":"RHSA-2024:5856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5856"},{"reference_url":"https://usn.ubuntu.com/4099-1/","reference_id":"USN-4099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4099-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354112?format=json","purl":"pkg:deb/debian/nginx@1.14.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9511"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ws-pmea-9kbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7436?format=json","vulnerability_id":"VCID-gjvm-84ff-3qad","summary":"NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27654","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05879","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450776","reference_id":"2450776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450776"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27654","reference_id":"CVE-2026-27654","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27654"},{"reference_url":"https://my.f5.com/manage/s/article/K000160382","reference_id":"K000160382","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:14:50Z/"}],"url":"https://my.f5.com/manage/s/article/K000160382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13634","reference_id":"RHSA-2026:13634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13680","reference_id":"RHSA-2026:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13839","reference_id":"RHSA-2026:13839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14836","reference_id":"RHSA-2026:14836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15942","reference_id":"RHSA-2026:15942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15943","reference_id":"RHSA-2026:15943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15945","reference_id":"RHSA-2026:15945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15966","reference_id":"RHSA-2026:15966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6906","reference_id":"RHSA-2026:6906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6907","reference_id":"RHSA-2026:6907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6923","reference_id":"RHSA-2026:6923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7002","reference_id":"RHSA-2026:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7343","reference_id":"RHSA-2026:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354134?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354136?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354135?format=json","purl":"pkg:deb/debian/nginx@1.28.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-27654"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjvm-84ff-3qad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70477?format=json","vulnerability_id":"VCID-gvf4-xvne-yffy","summary":"nginx security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2070","reference_id":"","reference_type":"","scores":[{"value":"0.06821","scoring_system":"epss","scoring_elements":"0.9147","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html"},{"reference_url":"https://nginx.org/download/patch.2013.chunked.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.chunked.txt"},{"reference_url":"https://nginx.org/download/patch.2013.chunked.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.chunked.txt.asc"},{"reference_url":"https://nginx.org/download/patch.2013.proxy.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.proxy.txt"},{"reference_url":"https://nginx.org/download/patch.2013.proxy.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2013.proxy.txt.asc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164","reference_id":"708164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2070","reference_id":"CVE-2013-2070","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2070"},{"reference_url":"https://security.gentoo.org/glsa/201310-04","reference_id":"GLSA-201310-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354100?format=json","purl":"pkg:deb/debian/nginx@1.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2013-2070"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gvf4-xvne-yffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90599?format=json","vulnerability_id":"VCID-hedb-u8uf-yqdf","summary":"When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39792","reference_id":"","reference_type":"","scores":[{"value":"0.01047","scoring_system":"epss","scoring_elements":"0.77797","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39792"},{"reference_url":"https://my.f5.com/manage/s/article/K000140108","reference_id":"K000140108","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-15T13:59:03Z/"}],"url":"https://my.f5.com/manage/s/article/K000140108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-39792"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hedb-u8uf-yqdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68518?format=json","vulnerability_id":"VCID-j24e-t6u4-pbdw","summary":"nginx: virtual host confusion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3616","reference_id":"","reference_type":"","scores":[{"value":"0.02435","scoring_system":"epss","scoring_elements":"0.85406","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1142573","reference_id":"1142573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1142573"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940","reference_id":"761940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3616","reference_id":"CVE-2014-3616","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3616"},{"reference_url":"https://security.gentoo.org/glsa/201502-06","reference_id":"GLSA-201502-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-06"},{"reference_url":"https://usn.ubuntu.com/2351-1/","reference_id":"USN-2351-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2351-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354104?format=json","purl":"pkg:deb/debian/nginx@1.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2014-3616"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j24e-t6u4-pbdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7440?format=json","vulnerability_id":"VCID-kn1z-74dk-zyed","summary":"NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28753","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08898","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450780","reference_id":"2450780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450780"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28753","reference_id":"CVE-2026-28753","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28753"},{"reference_url":"https://my.f5.com/manage/s/article/K000160367","reference_id":"K000160367","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:24:28Z/"}],"url":"https://my.f5.com/manage/s/article/K000160367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354134?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354136?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354135?format=json","purl":"pkg:deb/debian/nginx@1.28.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-28753"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kn1z-74dk-zyed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53170?format=json","vulnerability_id":"VCID-mu8n-m2es-t3be","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9516","reference_id":"","reference_type":"","scores":[{"value":"0.02132","scoring_system":"epss","scoring_elements":"0.84456","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741864","reference_id":"1741864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037","reference_id":"935037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037"},{"reference_url":"https://security.archlinux.org/ASA-201908-12","reference_id":"ASA-201908-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-12"},{"reference_url":"https://security.archlinux.org/ASA-201908-13","reference_id":"ASA-201908-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-13"},{"reference_url":"https://security.archlinux.org/AVG-1022","reference_id":"AVG-1022","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1022"},{"reference_url":"https://security.archlinux.org/AVG-1023","reference_id":"AVG-1023","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1023"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9516","reference_id":"CVE-2019-9516","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2745","reference_id":"RHSA-2019:2745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2746","reference_id":"RHSA-2019:2746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2775","reference_id":"RHSA-2019:2775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2799","reference_id":"RHSA-2019:2799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2925","reference_id":"RHSA-2019:2925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2939","reference_id":"RHSA-2019:2939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2950","reference_id":"RHSA-2019:2950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2955","reference_id":"RHSA-2019:2955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2966","reference_id":"RHSA-2019:2966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://usn.ubuntu.com/4099-1/","reference_id":"USN-4099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354112?format=json","purl":"pkg:deb/debian/nginx@1.14.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9516"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu8n-m2es-t3be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68519?format=json","vulnerability_id":"VCID-n7wg-h8ux-kbem","summary":"nginx: SMTP STARTTLS plaintext injection flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3556","reference_id":"","reference_type":"","scores":[{"value":"0.48169","scoring_system":"epss","scoring_elements":"0.97779","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html"},{"reference_url":"https://nginx.org/download/patch.2014.starttls.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.starttls.txt"},{"reference_url":"https://nginx.org/download/patch.2014.starttls.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2014.starttls.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1126891","reference_id":"1126891","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1126891"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196","reference_id":"757196","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3556","reference_id":"CVE-2014-3556","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3556"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354103?format=json","purl":"pkg:deb/debian/nginx@1.6.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2014-3556"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7wg-h8ux-kbem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25977?format=json","vulnerability_id":"VCID-pz92-zcud-5fh2","summary":"nginx: TLS Session Resumption Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23419","reference_id":"","reference_type":"","scores":[{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86487","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23419"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403","reference_id":"1095403","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344005","reference_id":"2344005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344005"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23419","reference_id":"CVE-2025-23419","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23419"},{"reference_url":"https://my.f5.com/manage/s/article/K000149173","reference_id":"K000149173","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T18:12:47Z/"}],"url":"https://my.f5.com/manage/s/article/K000149173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7331","reference_id":"RHSA-2025:7331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7331"},{"reference_url":"https://usn.ubuntu.com/7285-1/","reference_id":"USN-7285-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7285-1/"},{"reference_url":"https://usn.ubuntu.com/7285-2/","reference_id":"USN-7285-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7285-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354124?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354125?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354126?format=json","purl":"pkg:deb/debian/nginx@1.26.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2025-23419"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pz92-zcud-5fh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64771?format=json","vulnerability_id":"VCID-rqp9-y9tu-qbgg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42926","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06817","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42926"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42926","reference_id":"CVE-2026-42926","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42926"},{"reference_url":"https://my.f5.com/manage/s/article/K000161131","reference_id":"K000161131","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:54:52Z/"}],"url":"https://my.f5.com/manage/s/article/K000161131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354138?format=json","purl":"pkg:deb/debian/nginx@1.30.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-42926"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqp9-y9tu-qbgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29947?format=json","vulnerability_id":"VCID-ryfc-z6ww-nqfj","summary":"nginx: specially crafted MP4 file may cause denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7347","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42187","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7347"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html"},{"reference_url":"https://nginx.org/download/patch.2024.mp4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2024.mp4.txt"},{"reference_url":"https://nginx.org/download/patch.2024.mp4.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2024.mp4.txt.asc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971","reference_id":"1078971","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304966","reference_id":"2304966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304966"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7347","reference_id":"CVE-2024-7347","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7347"},{"reference_url":"https://security.gentoo.org/glsa/202409-32","reference_id":"GLSA-202409-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-32"},{"reference_url":"https://my.f5.com/manage/s/article/K000140529","reference_id":"K000140529","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T15:27:31Z/"}],"url":"https://my.f5.com/manage/s/article/K000140529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3261","reference_id":"RHSA-2025:3261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3262","reference_id":"RHSA-2025:3262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3262"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7402","reference_id":"RHSA-2025:7402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7542","reference_id":"RHSA-2025:7542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7546","reference_id":"RHSA-2025:7546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7548","reference_id":"RHSA-2025:7548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7549","reference_id":"RHSA-2025:7549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7619","reference_id":"RHSA-2025:7619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7619"},{"reference_url":"https://usn.ubuntu.com/7014-1/","reference_id":"USN-7014-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7014-1/"},{"reference_url":"https://usn.ubuntu.com/7014-2/","reference_id":"USN-7014-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7014-2/"},{"reference_url":"https://usn.ubuntu.com/7014-3/","reference_id":"USN-7014-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7014-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354124?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354123?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354122?format=json","purl":"pkg:deb/debian/nginx@1.26.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2024-7347"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ryfc-z6ww-nqfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7434?format=json","vulnerability_id":"VCID-ttbr-yfea-47c5","summary":"NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27651","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15288","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450791","reference_id":"2450791","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450791"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27651","reference_id":"CVE-2026-27651","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27651"},{"reference_url":"https://my.f5.com/manage/s/article/K000160383","reference_id":"K000160383","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:02:03Z/"}],"url":"https://my.f5.com/manage/s/article/K000160383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13634","reference_id":"RHSA-2026:13634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13680","reference_id":"RHSA-2026:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13839","reference_id":"RHSA-2026:13839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14836","reference_id":"RHSA-2026:14836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15942","reference_id":"RHSA-2026:15942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15943","reference_id":"RHSA-2026:15943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15945","reference_id":"RHSA-2026:15945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15966","reference_id":"RHSA-2026:15966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6906","reference_id":"RHSA-2026:6906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6907","reference_id":"RHSA-2026:6907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6923","reference_id":"RHSA-2026:6923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7002","reference_id":"RHSA-2026:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7343","reference_id":"RHSA-2026:7343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354134?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354136?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354135?format=json","purl":"pkg:deb/debian/nginx@1.28.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-27651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ttbr-yfea-47c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90597?format=json","vulnerability_id":"VCID-tx6d-uxzp-cuc4","summary":"nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the \"%c0.%c0.\" sequence.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2266","reference_id":"","reference_type":"","scores":[{"value":"0.07262","scoring_system":"epss","scoring_elements":"0.91753","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2266"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2266","reference_id":"CVE-2010-2266","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2010-2266"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tx6d-uxzp-cuc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65359?format=json","vulnerability_id":"VCID-unqm-tj1s-jugg","summary":"nginx: NULL pointer dereference while writing client request body","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4450","reference_id":"","reference_type":"","scores":[{"value":"0.03471","scoring_system":"epss","scoring_elements":"0.87747","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html"},{"reference_url":"https://nginx.org/download/patch.2016.write2.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2016.write2.txt"},{"reference_url":"https://nginx.org/download/patch.2016.write2.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2016.write2.txt.asc"},{"reference_url":"https://nginx.org/download/patch.2016.write.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2016.write.txt"},{"reference_url":"https://nginx.org/download/patch.2016.write.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2016.write.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1341462","reference_id":"1341462","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1341462"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960","reference_id":"825960","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4450","reference_id":"CVE-2016-4450","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4450"},{"reference_url":"https://security.gentoo.org/glsa/201606-06","reference_id":"GLSA-201606-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1425","reference_id":"RHSA-2016:1425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1425"},{"reference_url":"https://usn.ubuntu.com/2991-1/","reference_id":"USN-2991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354107?format=json","purl":"pkg:deb/debian/nginx@1.10.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2016-4450"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-unqm-tj1s-jugg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64520?format=json","vulnerability_id":"VCID-upvd-f1ab-6ycc","summary":"nginx: Local privilege escalation via log files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1247","reference_id":"","reference_type":"","scores":[{"value":"0.0983","scoring_system":"epss","scoring_elements":"0.931","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:C/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390182","reference_id":"1390182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390182"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295","reference_id":"842295","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295"},{"reference_url":"https://security.archlinux.org/ASA-201701-23","reference_id":"ASA-201701-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-23"},{"reference_url":"https://security.archlinux.org/ASA-201701-24","reference_id":"ASA-201701-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-24"},{"reference_url":"https://security.archlinux.org/AVG-138","reference_id":"AVG-138","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-138"},{"reference_url":"https://security.archlinux.org/AVG-139","reference_id":"AVG-139","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-139"},{"reference_url":"http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html","reference_id":"CVE-2016-1247","reference_type":"exploit","scores":[],"url":"http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh","reference_id":"CVE-2016-1247","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh"},{"reference_url":"https://security.gentoo.org/glsa/201701-22","reference_id":"GLSA-201701-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-22"},{"reference_url":"https://usn.ubuntu.com/3114-1/","reference_id":"USN-3114-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3114-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354106?format=json","purl":"pkg:deb/debian/nginx@1.10.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2016-1247"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upvd-f1ab-6ycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5042?format=json","vulnerability_id":"VCID-uy9d-zu9s-6yh3","summary":"nginx: NGINX: Arbitrary Code Execution Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42945","reference_id":"","reference_type":"","scores":[{"value":"0.00897","scoring_system":"epss","scoring_elements":"0.75963","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477116","reference_id":"2477116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477116"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42945","reference_id":"CVE-2026-42945","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42945"},{"reference_url":"https://my.f5.com/manage/s/article/K000161019","reference_id":"K000161019","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-13T15:55:27Z/"}],"url":"https://my.f5.com/manage/s/article/K000161019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17417","reference_id":"RHSA-2026:17417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17751","reference_id":"RHSA-2026:17751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17752","reference_id":"RHSA-2026:17752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17753","reference_id":"RHSA-2026:17753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17790","reference_id":"RHSA-2026:17790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17791","reference_id":"RHSA-2026:17791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17792","reference_id":"RHSA-2026:17792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17793","reference_id":"RHSA-2026:17793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17794","reference_id":"RHSA-2026:17794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18029","reference_id":"RHSA-2026:18029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18041","reference_id":"RHSA-2026:18041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18063","reference_id":"RHSA-2026:18063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19159","reference_id":"RHSA-2026:19159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19371","reference_id":"RHSA-2026:19371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19372","reference_id":"RHSA-2026:19372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19374","reference_id":"RHSA-2026:19374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20442","reference_id":"RHSA-2026:20442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20444","reference_id":"RHSA-2026:20444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21275","reference_id":"RHSA-2026:21275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21275"},{"reference_url":"https://usn.ubuntu.com/8271-1/","reference_id":"USN-8271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354140?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354139?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354141?format=json","purl":"pkg:deb/debian/nginx@1.30.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-42945"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uy9d-zu9s-6yh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81489?format=json","vulnerability_id":"VCID-vtdw-fz3q-rfff","summary":"Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3380","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.291","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354098?format=json","purl":"pkg:deb/debian/nginx@1.2.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2012-3380"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtdw-fz3q-rfff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90598?format=json","vulnerability_id":"VCID-vyg1-32ch-qkhu","summary":"nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain \"$index_allocation\" sequences in a request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4963","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54425","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4963"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4963","reference_id":"CVE-2011-4963","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2011-4963"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vyg1-32ch-qkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90596?format=json","vulnerability_id":"VCID-w5q8-zw8t-t3he","summary":"nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2263","reference_id":"","reference_type":"","scores":[{"value":"0.44217","scoring_system":"epss","scoring_elements":"0.97609","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2263","reference_id":"CVE-2010-2263","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2263"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt","reference_id":"CVE-2010-2263;OSVDB-65531","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt","reference_id":"CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2010-2263"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5q8-zw8t-t3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5041?format=json","vulnerability_id":"VCID-wc2b-cb7d-ekbq","summary":"nginx: ngx_http_ssl_module: data corruption and denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40701.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40701.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40701","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13942","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40701","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477076","reference_id":"2477076","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477076"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40701","reference_id":"CVE-2026-40701","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40701"},{"reference_url":"https://my.f5.com/manage/s/article/K000161021","reference_id":"K000161021","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:34Z/"}],"url":"https://my.f5.com/manage/s/article/K000161021"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354128?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354140?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354139?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354138?format=json","purl":"pkg:deb/debian/nginx@1.30.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-40701"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wc2b-cb7d-ekbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78732?format=json","vulnerability_id":"VCID-x3ng-bs7w-dfb1","summary":"nginx NULL pointer dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3896","reference_id":"","reference_type":"","scores":[{"value":"0.02511","scoring_system":"epss","scoring_elements":"0.85609","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896"},{"reference_url":"https://nginx.org/download/patch.null.pointer.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.null.pointer.txt"},{"reference_url":"https://nginx.org/download/patch.null.pointer.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.null.pointer.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=539565","reference_id":"539565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=539565"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3896","reference_id":"CVE-2009-3896","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3896"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354091?format=json","purl":"pkg:deb/debian/nginx@0.7.62-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.62-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2009-3896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3ng-bs7w-dfb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7438?format=json","vulnerability_id":"VCID-xg73-adr1-ybfr","summary":"NGINX: NGINX: Certificate revocation bypass when OCSP is enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28755.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28755.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28755","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01393","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28755"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://my.f5.com/manage/s/article/K000160368","reference_id":"","reference_type":"","scores":[],"url":"https://my.f5.com/manage/s/article/K000160368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450779","reference_id":"2450779","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450779"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28755","reference_id":"CVE-2026-28755","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8346","reference_id":"RHSA-2026:8346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8346"},{"reference_url":"https://usn.ubuntu.com/8210-1/","reference_id":"USN-8210-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8210-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354093?format=json","purl":"pkg:deb/debian/nginx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354137?format=json","purl":"pkg:deb/debian/nginx@1.28.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2026-28755"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xg73-adr1-ybfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66053?format=json","vulnerability_id":"VCID-xhjz-rux9-xbc1","summary":"nginx: Insufficient limits of CNAME resolution in resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0747","reference_id":"","reference_type":"","scores":[{"value":"0.20023","scoring_system":"epss","scoring_elements":"0.95577","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302589","reference_id":"1302589","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302589"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806","reference_id":"812806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0747","reference_id":"CVE-2016-0747","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0747"},{"reference_url":"https://security.gentoo.org/glsa/201606-06","reference_id":"GLSA-201606-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1425","reference_id":"RHSA-2016:1425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1425"},{"reference_url":"https://usn.ubuntu.com/2892-1/","reference_id":"USN-2892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2892-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354105?format=json","purl":"pkg:deb/debian/nginx@1.9.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2016-0747"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhjz-rux9-xbc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74029?format=json","vulnerability_id":"VCID-xnjs-1q7g-gqfk","summary":"nginx: ngx_http_parse_complex_uri() buffer underflow vulnerability (VU#180065)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2629","reference_id":"","reference_type":"","scores":[{"value":"0.781","scoring_system":"epss","scoring_elements":"0.99037","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629"},{"reference_url":"https://nginx.org/download/patch.180065.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.180065.txt"},{"reference_url":"https://nginx.org/download/patch.180065.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.180065.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=523105","reference_id":"523105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=523105"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py","reference_id":"CVE-2009-2629","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2629","reference_id":"CVE-2009-2629","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2629"},{"reference_url":"https://security.gentoo.org/glsa/200909-18","reference_id":"GLSA-200909-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354086?format=json","purl":"pkg:deb/debian/nginx@0.7.61-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.61-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2009-2629","VU#180065"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnjs-1q7g-gqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54643?format=json","vulnerability_id":"VCID-y5b5-9z4k-u3bn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16845","reference_id":"","reference_type":"","scores":[{"value":"0.04022","scoring_system":"epss","scoring_elements":"0.88663","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html","reference_id":"","reference_type":"","scores":[{"value":"medium","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"},{"reference_url":"https://nginx.org/download/patch.2018.mp4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2018.mp4.txt"},{"reference_url":"https://nginx.org/download/patch.2018.mp4.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.2018.mp4.txt.asc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644508","reference_id":"1644508","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644508"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090","reference_id":"913090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16845","reference_id":"CVE-2018-16845","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3652","reference_id":"RHSA-2018:3652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3653","reference_id":"RHSA-2018:3653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3680","reference_id":"RHSA-2018:3680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3681","reference_id":"RHSA-2018:3681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3681"},{"reference_url":"https://usn.ubuntu.com/3812-1/","reference_id":"USN-3812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354110?format=json","purl":"pkg:deb/debian/nginx@1.14.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2018-16845"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5b5-9z4k-u3bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70161?format=json","vulnerability_id":"VCID-yrex-aeq8-cue8","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929","reference_id":"","reference_type":"","scores":[{"value":"0.08487","scoring_system":"epss","scoring_elements":"0.92488","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936","reference_id":"689936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399","reference_id":"700399","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426","reference_id":"700426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197","reference_id":"727197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055","reference_id":"728055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051","reference_id":"857051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0587","reference_id":"RHSA-2013:0587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0636","reference_id":"RHSA-2013:0636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0416","reference_id":"RHSA-2014:0416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0416"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"},{"reference_url":"https://usn.ubuntu.com/1628-1/","reference_id":"USN-1628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1628-1/"},{"reference_url":"https://usn.ubuntu.com/1898-1/","reference_id":"USN-1898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354099?format=json","purl":"pkg:deb/debian/nginx@1.2.1-2.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2012-4929"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yrex-aeq8-cue8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2206?format=json","vulnerability_id":"VCID-znvx-aqbr-2yck","summary":"Mozilla developers added support in the Network Security Services\nmodule for preventing a type of man-in-the-middle attack against TLS\nusing forced renegotiation.Note that to benefit from the fix, Firefox 3.6 and\nFirefox 3.5 users will need to set\ntheir security.ssl.require_safe_negotiation preference to\ntrue.  Firefox 3 does not contain the fix for this issue.","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"},{"reference_url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"},{"reference_url":"http://blogs.iss.net/archive/sslmitmiscsrf.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html"},{"reference_url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"},{"reference_url":"http://clicky.me/tlsvuln","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://clicky.me/tlsvuln"},{"reference_url":"http://extendedsubset.com/?p=8","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://extendedsubset.com/?p=8"},{"reference_url":"http://extendedsubset.com/Renegotiating_TLS.pdf","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://extendedsubset.com/Renegotiating_TLS.pdf"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"},{"reference_url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"reference_url":"http://kbase.redhat.com/faq/docs/DOC-20491","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://kbase.redhat.com/faq/docs/DOC-20491"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"},{"reference_url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"reference_url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"reference_url":"http://marc.info/?l=cryptography&m=125752275331877&w=2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2"},{"reference_url":"http://openbsd.org/errata45.html#010_openssl","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://openbsd.org/errata45.html#010_openssl"},{"reference_url":"http://openbsd.org/errata46.html#004_openssl","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://openbsd.org/errata46.html#004_openssl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1579","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1580","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1694","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0011","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0119","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0130","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0155","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0162","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0163","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0164","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0165","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0166","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0167","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0337","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0338","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0339","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0408","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0440","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0768","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0770","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0786","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0807","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0865","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0986","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0986"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0987","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0880","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2011:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1591","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1591"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2009-3555"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88206","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125"},{"reference_url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"},{"reference_url":"http://seclists.org/fulldisclosure/2009/Nov/139","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://seclists.org/fulldisclosure/2009/Nov/139"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200912-01.xml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201203-22.xml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201406-32.xml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5"},{"reference_url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d"},{"reference_url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3"},{"reference_url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701"},{"reference_url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02"},{"reference_url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3"},{"reference_url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d"},{"reference_url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366"},{"reference_url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446"},{"reference_url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535"},{"reference_url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"},{"reference_url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"},{"reference_url":"https://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-5.html"},{"reference_url":"https://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-6.html"},{"reference_url":"https://tomcat.apache.org/security-7.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-7.html"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"},{"reference_url":"http://support.apple.com/kb/HT4004","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.apple.com/kb/HT4004"},{"reference_url":"http://support.apple.com/kb/HT4170","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.apple.com/kb/HT4170"},{"reference_url":"http://support.apple.com/kb/HT4171","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.apple.com/kb/HT4171"},{"reference_url":"http://support.avaya.com/css/P8/documents/100070150","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.avaya.com/css/P8/documents/100070150"},{"reference_url":"http://support.avaya.com/css/P8/documents/100081611","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.avaya.com/css/P8/documents/100081611"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114315","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.avaya.com/css/P8/documents/100114315"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114327","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.avaya.com/css/P8/documents/100114327"},{"reference_url":"http://support.citrix.com/article/CTX123359","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.citrix.com/article/CTX123359"},{"reference_url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"},{"reference_url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"},{"reference_url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt"},{"reference_url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"},{"reference_url":"http://ubuntu.com/usn/usn-923-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://ubuntu.com/usn/usn-923-1"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only"},{"reference_url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt"},{"reference_url":"http://www.betanews.com/article/1257452450","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.betanews.com/article/1257452450"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"},{"reference_url":"http://www.debian.org/security/2009/dsa-1934","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.debian.org/security/2009/dsa-1934"},{"reference_url":"http://www.debian.org/security/2011/dsa-2141","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.debian.org/security/2011/dsa-2141"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"},{"reference_url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"},{"reference_url":"http://www.ingate.com/Relnote.php?ver=481","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ingate.com/Relnote.php?ver=481"},{"reference_url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"reference_url":"http://www.kb.cert.org/vuls/id/120541","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.kb.cert.org/vuls/id/120541"},{"reference_url":"http://www.links.org/?p=780","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.links.org/?p=780"},{"reference_url":"http://www.links.org/?p=786","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.links.org/?p=786"},{"reference_url":"http://www.links.org/?p=789","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.links.org/?p=789"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"},{"reference_url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"},{"reference_url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html"},{"reference_url":"http://www.openssl.org/news/secadv_20091111.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openssl.org/news/secadv_20091111.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/06/3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/07/3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/20/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/23/10","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10"},{"reference_url":"http://www.opera.com/docs/changelogs/unix/1060","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/docs/changelogs/unix/1060"},{"reference_url":"http://www.opera.com/support/search/view/944","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/support/search/view/944"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"},{"reference_url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html"},{"reference_url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"},{"reference_url":"http://www.tombom.co.uk/blog/?p=85","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.tombom.co.uk/blog/?p=85"},{"reference_url":"http://www.ubuntu.com/usn/USN-1010-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ubuntu.com/usn/USN-1010-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ubuntu.com/usn/USN-927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ubuntu.com/usn/USN-927-4"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.ubuntu.com/usn/USN-927-5"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html"},{"reference_url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0032","reference_id":"0032","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0032"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0033","reference_id":"0033","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0033"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0086","reference_id":"0086","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0086"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0086","reference_id":"0086","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0086"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0173","reference_id":"0173","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0173"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0748","reference_id":"0748","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0748"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0848","reference_id":"0848","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0848"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0916","reference_id":"0916","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0916"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0933","reference_id":"0933","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0933"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0982","reference_id":"0982","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0982"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0994","reference_id":"0994","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/0994"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1054","reference_id":"1054","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1054"},{"reference_url":"http://www.opera.com/docs/changelogs/unix/1060/","reference_id":"1060","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.opera.com/docs/changelogs/unix/1060/"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1191","reference_id":"1191","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1191"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1350","reference_id":"1350","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1350"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1639","reference_id":"1639","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1639"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1673","reference_id":"1673","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1673"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1793","reference_id":"1793","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/1793"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2010","reference_id":"2010","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/2010"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2745","reference_id":"2745","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/2745"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3069","reference_id":"3069","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3069"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3086","reference_id":"3086","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3086"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3126","reference_id":"3126","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3126"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3164","reference_id":"3164","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3164"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3165","reference_id":"3165","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3165"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3205","reference_id":"3205","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3205"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3220","reference_id":"3220","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3220"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3310","reference_id":"3310","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3310"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3313","reference_id":"3313","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3313"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3353","reference_id":"3353","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3353"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3354","reference_id":"3354","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3354"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3484","reference_id":"3484","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3484"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3521","reference_id":"3521","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3521"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3587","reference_id":"3587","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3587"},{"reference_url":"http://www.securityfocus.com/bid/36935","reference_id":"36935","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/bid/36935"},{"reference_url":"http://secunia.com/advisories/37291","reference_id":"37291","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37291"},{"reference_url":"http://secunia.com/advisories/37292","reference_id":"37292","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37292"},{"reference_url":"http://secunia.com/advisories/37320","reference_id":"37320","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37320"},{"reference_url":"http://secunia.com/advisories/37383","reference_id":"37383","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37383"},{"reference_url":"http://secunia.com/advisories/37399","reference_id":"37399","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37399"},{"reference_url":"http://secunia.com/advisories/37453","reference_id":"37453","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37453"},{"reference_url":"http://secunia.com/advisories/37501","reference_id":"37501","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37501"},{"reference_url":"http://secunia.com/advisories/37504","reference_id":"37504","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37504"},{"reference_url":"http://secunia.com/advisories/37604","reference_id":"37604","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37604"},{"reference_url":"http://secunia.com/advisories/37640","reference_id":"37640","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37640"},{"reference_url":"http://secunia.com/advisories/37656","reference_id":"37656","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37656"},{"reference_url":"http://secunia.com/advisories/37675","reference_id":"37675","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37675"},{"reference_url":"http://secunia.com/advisories/37859","reference_id":"37859","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/37859"},{"reference_url":"http://secunia.com/advisories/38003","reference_id":"38003","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38003"},{"reference_url":"http://secunia.com/advisories/38020","reference_id":"38020","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38020"},{"reference_url":"http://secunia.com/advisories/38056","reference_id":"38056","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38056"},{"reference_url":"http://secunia.com/advisories/38241","reference_id":"38241","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38241"},{"reference_url":"http://secunia.com/advisories/38484","reference_id":"38484","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38484"},{"reference_url":"http://secunia.com/advisories/38687","reference_id":"38687","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38687"},{"reference_url":"http://secunia.com/advisories/38781","reference_id":"38781","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/38781"},{"reference_url":"http://secunia.com/advisories/39127","reference_id":"39127","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39127"},{"reference_url":"http://secunia.com/advisories/39136","reference_id":"39136","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39136"},{"reference_url":"http://secunia.com/advisories/39242","reference_id":"39242","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39242"},{"reference_url":"http://secunia.com/advisories/39243","reference_id":"39243","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39243"},{"reference_url":"http://secunia.com/advisories/39278","reference_id":"39278","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39278"},{"reference_url":"http://secunia.com/advisories/39292","reference_id":"39292","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39292"},{"reference_url":"http://secunia.com/advisories/39317","reference_id":"39317","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39317"},{"reference_url":"http://secunia.com/advisories/39461","reference_id":"39461","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39461"},{"reference_url":"http://secunia.com/advisories/39500","reference_id":"39500","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39500"},{"reference_url":"http://secunia.com/advisories/39628","reference_id":"39628","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39628"},{"reference_url":"http://secunia.com/advisories/39632","reference_id":"39632","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39632"},{"reference_url":"http://secunia.com/advisories/39713","reference_id":"39713","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39713"},{"reference_url":"http://secunia.com/advisories/39819","reference_id":"39819","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/39819"},{"reference_url":"http://secunia.com/advisories/40070","reference_id":"40070","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/40070"},{"reference_url":"http://secunia.com/advisories/40545","reference_id":"40545","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/40545"},{"reference_url":"http://secunia.com/advisories/40747","reference_id":"40747","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/40747"},{"reference_url":"http://secunia.com/advisories/40866","reference_id":"40866","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/40866"},{"reference_url":"http://secunia.com/advisories/41480","reference_id":"41480","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/41480"},{"reference_url":"http://secunia.com/advisories/41490","reference_id":"41490","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/41490"},{"reference_url":"http://secunia.com/advisories/41818","reference_id":"41818","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/41818"},{"reference_url":"http://secunia.com/advisories/41967","reference_id":"41967","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/41967"},{"reference_url":"http://secunia.com/advisories/41972","reference_id":"41972","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/41972"},{"reference_url":"http://secunia.com/advisories/42377","reference_id":"42377","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42377"},{"reference_url":"http://secunia.com/advisories/42379","reference_id":"42379","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42379"},{"reference_url":"http://secunia.com/advisories/42467","reference_id":"42467","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42467"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"42724","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"42733","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://secunia.com/advisories/42808","reference_id":"42808","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42808"},{"reference_url":"http://secunia.com/advisories/42811","reference_id":"42811","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42811"},{"reference_url":"http://secunia.com/advisories/42816","reference_id":"42816","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/42816"},{"reference_url":"http://secunia.com/advisories/43308","reference_id":"43308","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/43308"},{"reference_url":"http://secunia.com/advisories/44954","reference_id":"44954","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/44954"},{"reference_url":"http://secunia.com/advisories/48577","reference_id":"48577","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://secunia.com/advisories/48577"},{"reference_url":"http://www.securityfocus.com/archive/1/522176","reference_id":"522176","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/522176"},{"reference_url":"http://osvdb.org/60521","reference_id":"60521","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://osvdb.org/60521"},{"reference_url":"http://osvdb.org/60972","reference_id":"60972","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://osvdb.org/60972"},{"reference_url":"http://osvdb.org/62210","reference_id":"62210","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://osvdb.org/62210"},{"reference_url":"http://osvdb.org/65202","reference_id":"65202","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://osvdb.org/65202"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649","reference_id":"765649","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649"},{"reference_url":"http://www.opera.com/support/search/view/944/","reference_id":"944","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.opera.com/support/search/view/944/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"CVE-2009-3555","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py","reference_id":"CVE-2009-3555","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt"},{"reference_url":"https://www.securityfocus.com/bid/35888/info","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35888/info"},{"reference_url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E","reference_id":"f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6","reference_id":"GHSA-f7w7-6pjc-wwm6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://security.gentoo.org/glsa/201006-18","reference_id":"GLSA-201006-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-18"},{"reference_url":"https://security.gentoo.org/glsa/201110-05","reference_id":"GLSA-201110-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-05"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"},{"reference_url":"https://security.gentoo.org/glsa/201206-18","reference_id":"GLSA-201206-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-18"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://security.gentoo.org/glsa/201309-15","reference_id":"GLSA-201309-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-15"},{"reference_url":"https://security.gentoo.org/glsa/201311-13","reference_id":"GLSA-201311-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-13"},{"reference_url":"https://security.gentoo.org/glsa/201406-32","reference_id":"GLSA-201406-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-32"},{"reference_url":"http://securitytracker.com/id?1023148","reference_id":"id?1023148","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://securitytracker.com/id?1023148"},{"reference_url":"http://www.securitytracker.com/id?1023163","reference_id":"id?1023163","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023163"},{"reference_url":"http://www.securitytracker.com/id?1023204","reference_id":"id?1023204","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023204"},{"reference_url":"http://www.securitytracker.com/id?1023205","reference_id":"id?1023205","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023205"},{"reference_url":"http://www.securitytracker.com/id?1023206","reference_id":"id?1023206","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023206"},{"reference_url":"http://www.securitytracker.com/id?1023207","reference_id":"id?1023207","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023207"},{"reference_url":"http://www.securitytracker.com/id?1023208","reference_id":"id?1023208","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023208"},{"reference_url":"http://www.securitytracker.com/id?1023209","reference_id":"id?1023209","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023209"},{"reference_url":"http://www.securitytracker.com/id?1023210","reference_id":"id?1023210","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023210"},{"reference_url":"http://www.securitytracker.com/id?1023211","reference_id":"id?1023211","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023211"},{"reference_url":"http://www.securitytracker.com/id?1023212","reference_id":"id?1023212","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023212"},{"reference_url":"http://www.securitytracker.com/id?1023213","reference_id":"id?1023213","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023213"},{"reference_url":"http://www.securitytracker.com/id?1023214","reference_id":"id?1023214","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023214"},{"reference_url":"http://www.securitytracker.com/id?1023215","reference_id":"id?1023215","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023215"},{"reference_url":"http://www.securitytracker.com/id?1023216","reference_id":"id?1023216","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023216"},{"reference_url":"http://www.securitytracker.com/id?1023217","reference_id":"id?1023217","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023217"},{"reference_url":"http://www.securitytracker.com/id?1023218","reference_id":"id?1023218","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023218"},{"reference_url":"http://www.securitytracker.com/id?1023219","reference_id":"id?1023219","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023219"},{"reference_url":"http://www.securitytracker.com/id?1023224","reference_id":"id?1023224","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023224"},{"reference_url":"http://www.securitytracker.com/id?1023243","reference_id":"id?1023243","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023243"},{"reference_url":"http://www.securitytracker.com/id?1023270","reference_id":"id?1023270","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023270"},{"reference_url":"http://www.securitytracker.com/id?1023271","reference_id":"id?1023271","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023271"},{"reference_url":"http://www.securitytracker.com/id?1023272","reference_id":"id?1023272","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023272"},{"reference_url":"http://www.securitytracker.com/id?1023273","reference_id":"id?1023273","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023273"},{"reference_url":"http://www.securitytracker.com/id?1023274","reference_id":"id?1023274","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023274"},{"reference_url":"http://www.securitytracker.com/id?1023275","reference_id":"id?1023275","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023275"},{"reference_url":"http://www.securitytracker.com/id?1023411","reference_id":"id?1023411","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023411"},{"reference_url":"http://www.securitytracker.com/id?1023426","reference_id":"id?1023426","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023426"},{"reference_url":"http://www.securitytracker.com/id?1023427","reference_id":"id?1023427","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023427"},{"reference_url":"http://www.securitytracker.com/id?1023428","reference_id":"id?1023428","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1023428"},{"reference_url":"http://www.securitytracker.com/id?1024789","reference_id":"id?1024789","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securitytracker.com/id?1024789"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22","reference_id":"mfsa2010-22","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A10088","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A11578","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A11617","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A7315","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A7478","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A7973","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A8366","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A8535","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535"},{"reference_url":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html","reference_id":"plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html"},{"reference_url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E","reference_id":"re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"http://www.securityfocus.com/archive/1/507952/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/507952/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/508075/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/508075/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/508130/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/508130/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/515055/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-27T15:38:52Z/"}],"url":"http://www.securityfocus.com/archive/1/516397/100/0/threaded"},{"reference_url":"https://usn.ubuntu.com/1010-1/","reference_id":"USN-1010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1010-1/"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"},{"reference_url":"https://usn.ubuntu.com/923-1/","reference_id":"USN-923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/923-1/"},{"reference_url":"https://usn.ubuntu.com/927-1/","reference_id":"USN-927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-1/"},{"reference_url":"https://usn.ubuntu.com/927-4/","reference_id":"USN-927-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-4/"},{"reference_url":"https://usn.ubuntu.com/927-6/","reference_id":"USN-927-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-6/"},{"reference_url":"https://usn.ubuntu.com/990-1/","reference_id":"USN-990-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-1/"},{"reference_url":"https://usn.ubuntu.com/990-2/","reference_id":"USN-990-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354090?format=json","purl":"pkg:deb/debian/nginx@0.7.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2009-3555","GHSA-f7w7-6pjc-wwm6","VU#120541"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znvx-aqbr-2yck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57378?format=json","vulnerability_id":"VCID-zygf-63mp-cqaa","summary":"nginx: Excessive CPU usage via flaw in HTTP/2 implementation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16844","reference_id":"","reference_type":"","scores":[{"value":"0.11144","scoring_system":"epss","scoring_elements":"0.93596","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html","reference_id":"","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644510","reference_id":"1644510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644510"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090","reference_id":"913090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16844","reference_id":"CVE-2018-16844","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3680","reference_id":"RHSA-2018:3680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3681","reference_id":"RHSA-2018:3681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3681"},{"reference_url":"https://usn.ubuntu.com/3812-1/","reference_id":"USN-3812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354110?format=json","purl":"pkg:deb/debian/nginx@1.14.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354087?format=json","purl":"pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354085?format=json","purl":"pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-kvpj-4273-4khg"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354089?format=json","purl":"pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-422n-2b44-mbh2"},{"vulnerability":"VCID-xsdq-5m4c-mqcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/354088?format=json","purl":"pkg:deb/debian/nginx@1.30.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.30.1-3%3Fdistro=trixie"}],"aliases":["CVE-2018-16844"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zygf-63mp-cqaa"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie"}