{"url":"http://public2.vulnerablecode.io/api/packages/367146?format=json","purl":"pkg:apk/alpine/ntfs-3g@2022.5.17-r0?arch=aarch64&distroversion=v3.20&reponame=main","type":"apk","namespace":"alpine","name":"ntfs-3g","version":"2022.5.17-r0","qualifiers":{"arch":"aarch64","distroversion":"v3.20","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95498?format=json","vulnerability_id":"VCID-ju34-zdf2-hfe9","summary":"ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46790.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46790","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13007","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770","reference_id":"1011770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093358","reference_id":"2093358","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2179","reference_id":"RHSA-2023:2179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2757","reference_id":"RHSA-2023:2757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2757"},{"reference_url":"https://usn.ubuntu.com/5452-1/","reference_id":"USN-5452-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5452-1/"},{"reference_url":"https://usn.ubuntu.com/5463-1/","reference_id":"USN-5463-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5463-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/367146?format=json","purl":"pkg:apk/alpine/ntfs-3g@2022.5.17-r0?arch=aarch64&distroversion=v3.20&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntfs-3g@2022.5.17-r0%3Farch=aarch64&distroversion=v3.20&reponame=main"}],"aliases":["CVE-2021-46790"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju34-zdf2-hfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95504?format=json","vulnerability_id":"VCID-p5h9-wht9-1uer","summary":"An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30787.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30787","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07515","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07551","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770","reference_id":"1011770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093333","reference_id":"2093333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093333"},{"reference_url":"https://security.gentoo.org/glsa/202301-01","reference_id":"GLSA-202301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202301-01"},{"reference_url":"https://usn.ubuntu.com/5463-1/","reference_id":"USN-5463-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5463-1/"},{"reference_url":"https://usn.ubuntu.com/5463-2/","reference_id":"USN-5463-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5463-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/367146?format=json","purl":"pkg:apk/alpine/ntfs-3g@2022.5.17-r0?arch=aarch64&distroversion=v3.20&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntfs-3g@2022.5.17-r0%3Farch=aarch64&distroversion=v3.20&reponame=main"}],"aliases":["CVE-2022-30787"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5h9-wht9-1uer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3513?format=json","vulnerability_id":"VCID-v14k-rn3f-gufw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30789.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30789","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09287","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09244","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770","reference_id":"1011770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093348","reference_id":"2093348","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093348"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JPX6OUCQKZX4PN5DQPVDUFZCOOZUX7Z/","reference_id":"7JPX6OUCQKZX4PN5DQPVDUFZCOOZUX7Z","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JPX6OUCQKZX4PN5DQPVDUFZCOOZUX7Z/"},{"reference_url":"https://security.archlinux.org/AVG-2749","reference_id":"AVG-2749","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2749"},{"reference_url":"https://www.debian.org/security/2022/dsa-5160","reference_id":"dsa-5160","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://www.debian.org/security/2022/dsa-5160"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECDCISL24TYH4CTDFCUVF24WAKRSYF7F/","reference_id":"ECDCISL24TYH4CTDFCUVF24WAKRSYF7F","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECDCISL24TYH4CTDFCUVF24WAKRSYF7F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FAXFYIJWT5SHHRNPOJETM77EIMJ6ZP6I/","reference_id":"FAXFYIJWT5SHHRNPOJETM77EIMJ6ZP6I","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FAXFYIJWT5SHHRNPOJETM77EIMJ6ZP6I/"},{"reference_url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x","reference_id":"GHSA-xchm-ph5h-hw4x","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-xchm-ph5h-hw4x"},{"reference_url":"https://security.gentoo.org/glsa/202301-01","reference_id":"GLSA-202301-01","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://security.gentoo.org/glsa/202301-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00017.html"},{"reference_url":"https://github.com/tuxera/ntfs-3g/releases","reference_id":"releases","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://github.com/tuxera/ntfs-3g/releases"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2179","reference_id":"RHSA-2023:2179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2757","reference_id":"RHSA-2023:2757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2757"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEXHDCUSLJD2HSPMAAVZ5AWMPUOG6UI7/","reference_id":"UEXHDCUSLJD2HSPMAAVZ5AWMPUOG6UI7","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:30:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEXHDCUSLJD2HSPMAAVZ5AWMPUOG6UI7/"},{"reference_url":"https://usn.ubuntu.com/5463-1/","reference_id":"USN-5463-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5463-1/"},{"reference_url":"https://usn.ubuntu.com/5463-2/","reference_id":"USN-5463-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5463-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/367146?format=json","purl":"pkg:apk/alpine/ntfs-3g@2022.5.17-r0?arch=aarch64&distroversion=v3.20&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntfs-3g@2022.5.17-r0%3Farch=aarch64&distroversion=v3.20&reponame=main"}],"aliases":["CVE-2022-30789"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v14k-rn3f-gufw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntfs-3g@2022.5.17-r0%3Farch=aarch64&distroversion=v3.20&reponame=main"}